ASM Polymorphic shellcode (SLAE x86 Assignment #6)

Introduction

This is assignment #6 of the SLAE x86 Exam objectives.

Objectives

  • Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching
  • The polymorphic versions cannot be larger than 150% of the existing shellcode
    • Bonus points for making it shorter in length than original
Continue reading “ASM Polymorphic shellcode (SLAE x86 Assignment #6)”

ASM Shellcode analysis (SLAE x86 Assignment #5)

Introduction

This is assignment #5 of the SLAE x86 Exam objectives.

Objectives

  • Take up at least 3 shellcode samples created using msfvenom for linux/x86
  • Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode
  • Present your analysis
Continue reading “ASM Shellcode analysis (SLAE x86 Assignment #5)”

ASM Encoder (SLAE x86 Assignment #4)

Introduction

This is assignment #4 of the SLAE x86 Exam objectives.

Objectives

  • Create a custom encoding scheme like the “Insertion Encoder” we showed you
  • PoC with using execve-­stack as the shellcode to encode with your schema and execute

Notice

At the time of writing this I already had a shellcode published on packetstorm and exploit-db which could serve as a solution to the exercise, but for completeness of this blog post and to avoid explaining the fstenv technique for clarity purposes.

Continue reading “ASM Encoder (SLAE x86 Assignment #4)”

ASM Egghunter (SLAE x86 Assignment #3)

Introduction

This is assignment #3 of the SLAE x86 Exam objectives.

Objectives

  • Study about the Egg Hunter shellcode
  • Create a working demo of the Egghunter
  • Should be configurable for different payloads
Continue reading “ASM Egghunter (SLAE x86 Assignment #3)”

ASM TCP Reverse Shell (SLAE x86 Assignment #2)

Introduction

This is assignment #2 of the SLAE x86 Exam objectives.

Objectives

  • Crate a Shell_Reverse_TCP shellcode
    • Reverse connects to configured IP and port
    • Execs Shell on successful connection
  • IP and Port number should be easily configurable
Continue reading “ASM TCP Reverse Shell (SLAE x86 Assignment #2)”