Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Continue reading

1. Hacker Hardware Tools
2. Hacker Tools 2019
3. Pentest Tools
4. Pentest Reporting Tools
5. Hack Apps
6. Hacking App
7. Hacking Tools For Kali Linux
8. Hacking Tools Kit
9. Hacker Tools Github
10. Hacking Tools Kit
11. Hack Tool Apk No Root
12. Hacking Tools Mac
13. Game Hacking
14. Pentest Tools Port Scanner
15. What Are Hacking Tools
16. Pentest Tools Android
17. Hack Tools 2019
18. Hack Tools For Mac
19. Pentest Automation Tools
20. Hack Tools For Mac
21. Hacker Tools Hardware
22. Hack Tool Apk
23. Hacking Tools Windows 10
24. Pentest Tools Android
25. Pentest Tools Url Fuzzer
26. Hack Tools Online
27. Pentest Reporting Tools
28. Hacking Tools Online
29. Hacker
30. Github Hacking Tools
31. Tools 4 Hack
32. Pentest Tools Android
33. Hacking Tools Pc
34. Pentest Tools Github
35. Pentest Tools Windows
36. Hacker Tools For Ios
37. Hacker Tools Apk Download
38. Hacking Tools For Beginners
39. How To Hack
40. Pentest Tools Windows
41. Hacker Tools Mac
42. World No 1 Hacker Software
43. Pentest Recon Tools
44. Pentest Tools Subdomain
45. Best Pentesting Tools 2018
46. Install Pentest Tools Ubuntu
47. Hacking App
48. Pentest Tools Website Vulnerability
49. Hacker Tools Online
50. Underground Hacker Sites
51. Pentest Tools
52. Pentest Tools Website Vulnerability
53. Pentest Tools Find Subdomains
54. Hacker Tools 2019
55. Pentest Tools For Android
56. Hack And Tools
57. Hacker Tools List
58. Hacker Tools For Ios
59. Hacker Tools 2020
60. Hack Tools Mac
61. Hacker Search Tools
62. Hacker Tool Kit
63. Pentest Tools Review
64. Hacking Tools Mac
65. Hacker Tools Software
66. Tools 4 Hack
67. Hacker Tools For Ios
68. Hacking App
69. Kik Hack Tools
70. Nsa Hack Tools Download
71. Kik Hack Tools
72. Pentest Tools Alternative
73. Hacking Tools Mac
74. Hacker Tools Free
75. Hack Website Online Tool
76. Usb Pentest Tools
77. Hacking Tools For Windows 7
78. What Is Hacking Tools
79. Hack App
80. Pentest Automation Tools
81. Hacker Tools For Mac
82. Hack Tools
83. Hacking Tools
84. Tools For Hacker
85. Physical Pentest Tools
86. Pentest Box Tools Download
87. Hack Tools
88. Hacking Tools For Beginners
89. Hacker Tools For Mac
90. Hacking Tools Software
91. Tools 4 Hack
92. Beginner Hacker Tools
93. Hack App
94. Black Hat Hacker Tools
95. Hacking Tools Kit
96. Pentest Tools Port Scanner
97. Hack Tools For Mac
98. Hacker Tools For Windows
99. Pentest Tools For Android
100. Hacker Tools For Pc
101. Hacking Tools For Windows
102. Pentest Tools Website
103. Hack Tools Github
104. Hacks And Tools
105. Best Pentesting Tools 2018
106. Hack Tools For Ubuntu
107. Hack Tools For Pc
108. Easy Hack Tools
109. Hacking Tools Pc
110. Blackhat Hacker Tools
111. Usb Pentest Tools
112. Pentest Tools For Ubuntu
113. Hacking Tools Online
114. Hacking Tools For Windows
115. Hacking Apps
116. Hacking Tools For Mac
117. How To Install Pentest Tools In Ubuntu
118. Physical Pentest Tools
119. Hacker Tools Apk Download
120. Hack Tool Apk No Root
121. Hack Apps
122. Tools For Hacker
123. Best Hacking Tools 2020
124. Pentest Tools Apk
125. Hacker Security Tools
126. Hacking Tools 2019
127. Hacker Tool Kit
128. How To Install Pentest Tools In Ubuntu
129. Hacking Tools Windows 10
130. Pentest Automation Tools
131. Hackers Toolbox
132. Hack Tools Online
133. Pentest Tools Website
134. Pentest Tools
135. Hack Tools For Windows
136. Hack App
137. Pentest Tools Website Vulnerability
138. Hacking Tools Software
139. Hacker Tools Github
140. Hacking Tools Free Download
141. How To Hack
142. Hacking Tools Pc
143. Black Hat Hacker Tools
144. Ethical Hacker Tools
145. Hacking Apps
146. Growth Hacker Tools
147. Pentest Tools List
148. Pentest Tools Apk
149. Hacking Tools 2019
150. Android Hack Tools Github
151. Hacking Tools Usb
152. Hacking Tools For Mac
153. Hacking Tools For Windows
154. Hack Tools For Pc
155. Hacks And Tools
156. Hack Tools For Games
157. Pentest Tools Alternative
158. Hacking Tools Github
159. Pentest Tools Review
160. Github Hacking Tools
161. Hacking Tools Github
162. Hacking Tools Usb
163. Pentest Tools For Mac