Sunday, 21 January 2024

Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter, is getting hardcoded values which is probably an API name:


In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.


Related links


  1. Hacker Tools
  2. Hack Tools For Mac
  3. Nsa Hack Tools Download
  4. Best Hacking Tools 2020
  5. Pentest Tools Online
  6. Hacking Tools Hardware
  7. Hacker Tools For Pc
  8. Hacker Tools Hardware
  9. Hacker Search Tools
  10. Hacking Tools
  11. Hacking Tools For Kali Linux
  12. Hacker Tools List
  13. Pentest Tools Framework
  14. Hackers Toolbox
  15. Usb Pentest Tools
  16. Hacking Tools For Beginners
  17. Pentest Tools Url Fuzzer
  18. Hacking Tools Name
  19. Hacking Apps
  20. Best Hacking Tools 2020
  21. Pentest Tools For Windows
  22. Hack Tools For Ubuntu
  23. Hack Tools Online
  24. Hacker Tools Windows
  25. Hacking App
  26. Pentest Tools Online
  27. Hacking Tools Mac
  28. Hack Tool Apk
  29. Pentest Tools Website
  30. Install Pentest Tools Ubuntu
  31. Growth Hacker Tools
  32. Hacking App
  33. Hack Tools For Mac
  34. Termux Hacking Tools 2019
  35. Pentest Tools For Mac
  36. Pentest Tools Nmap
  37. Android Hack Tools Github
  38. Hacking Tools Hardware
  39. Hacker Techniques Tools And Incident Handling
  40. Hack And Tools
  41. Hack Tools
  42. Pentest Tools Online
  43. Pentest Tools Kali Linux
  44. Hack Tools Mac
  45. Hacking Tools For Kali Linux
  46. Hacking Tools For Windows Free Download
  47. Hack Tools 2019
  48. Beginner Hacker Tools
  49. Hacker Tools 2020
  50. Game Hacking
  51. Pentest Reporting Tools
  52. Hacking Tools Usb
  53. Hak5 Tools
  54. Hacking Tools Kit
  55. How To Hack
  56. Hack Tools
  57. Tools Used For Hacking
  58. Pentest Tools Url Fuzzer
  59. Pentest Tools For Windows
  60. Hacking Tools For Pc
  61. Hacker Hardware Tools
  62. Top Pentest Tools
  63. Pentest Tools Windows
  64. Best Hacking Tools 2019
  65. Hack Tools
  66. Pentest Tools Review
  67. Hacking Tools For Windows 7
  68. Hacker Tools Free Download
  69. Hackers Toolbox
  70. Kik Hack Tools
  71. Pentest Tools Kali Linux
  72. Growth Hacker Tools
  73. Hacking Tools 2020
  74. Hacker Tools Apk Download
  75. Hacking App
  76. Hacker Tools 2020
  77. Hack Tools Online
  78. Hack Tools For Games
  79. Nsa Hacker Tools
  80. Hacker Tool Kit
  81. Pentest Tools Windows
  82. Usb Pentest Tools
  83. Hacking Tools Pc
  84. Pentest Tools Linux
  85. Pentest Tools Online
  86. Hacking Tools Name
  87. Hacker Search Tools
  88. Hacking Tools Windows
  89. Hacking Tools Windows 10
  90. Nsa Hack Tools
  91. Hacker Tools 2020
  92. Hack Tools Mac
  93. Hack Rom Tools
  94. Pentest Tools Website
  95. Pentest Tools Kali Linux
  96. Hacker Search Tools
  97. Top Pentest Tools
  98. Free Pentest Tools For Windows
  99. Hackers Toolbox
  100. Hacking Tools Usb
  101. Wifi Hacker Tools For Windows
  102. Pentest Tools Website
  103. Pentest Tools Apk
  104. Pentest Tools Alternative
  105. Pentest Tools Url Fuzzer
  106. What Are Hacking Tools
  107. Hacking Tools Online
  108. Nsa Hacker Tools
  109. Pentest Tools Framework
  110. Hack Rom Tools
  111. Pentest Tools List
  112. Hacking Tools For Beginners
  113. Hacking Tools 2020
  114. Hack Tool Apk
  115. Hacker
  116. Hack Tools For Pc
  117. Hacking Tools Windows 10
  118. Computer Hacker
  119. Hacker Security Tools
  120. Hacker Tools Free
  121. Best Hacking Tools 2020
  122. Hack Tools Online
  123. Hacker Tools 2019
  124. Hacking Tools 2020
  125. Pentest Tools List
  126. Pentest Tools Open Source
  127. Pentest Tools
  128. Hacker Tools Github
  129. Pentest Tools For Mac
  130. Beginner Hacker Tools
  131. Hack Tools
  132. Hackrf Tools
Posted by at

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)