Friday, January 26, 2024

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as where they connect and so on. But what can we do when the emulation gets stuck at some point?

The console has many tools for interacting with the emulator as if it were a debugger, but the shellcode is not really being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without a problem, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that at position 174 the value 0xffffffff is set.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero into 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is getting hardcoded values, which are probably an API name.
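To check whether hardcoded register values like these spell an API name, the dwords can be unpacked as little-endian ASCII and joined. This is an added example, not part of the original post or of scemu; the value list is constructed sample data (not scemu output) and the function names are hypothetical.

```python
import struct

PRINTABLE = set(range(0x20, 0x7F))  # printable ASCII byte values


def dword_to_text(value):
    """Return the ASCII text packed in a 32-bit little-endian value, or None."""
    raw = struct.pack("<I", value & 0xFFFFFFFF)
    text = raw.rstrip(b"\x00")  # trailing NULs are the terminator or padding
    if not text or any(b not in PRINTABLE for b in text):
        return None
    return text.decode("ascii")


def recover_strings(values, min_len=4):
    """Join consecutive printable dwords into candidate strings.

    Assumes the values are listed in string order, as they were loaded.
    """
    found, current = [], ""
    for v in values:
        chunk = dword_to_text(v)
        if chunk is None:  # counter, pointer or other non-text value
            if len(current) >= min_len:
                found.append(current)
            current = ""
            continue
        current += chunk
        if len(chunk) < 4:  # a NUL inside the dword ends the string
            if len(current) >= min_len:
                found.append(current)
            current = ""
    if len(current) >= min_len:
        found.append(current)
    return found


# Constructed sample: values a register trace might show, in order.
EAX_TRACE = [
    0x00000000, 0xFFFFFFFF,
    0x64616F4C, 0x7262694C, 0x41797261,              # "Load" "Libr" "aryA"
    0x00000001,
    0x50746547, 0x41636F72, 0x65726464, 0x00007373,  # "GetP" "rocA" "ddre" "ss"
]

if __name__ == "__main__":
    for name in recover_strings(EAX_TRACE):
        print(name)
```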


In this case the shellcode depends on previous state and also crashes in the debugger because of the register values. This is just an example of how to proceed in cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

