Month: December 2016

For assignment 6 of the SecurityTube Linux Assembly Expert certification the idea is to create polymorphic versions of existing shellcodes, specifically taken from shell-storm.org.

A polymorphic version of a shellcode is just the same functionality written with different instructions, registers and including nop instructions to break patterns and prevent detection.

For this assignment I chose the following shellcodes to work with:

1. Linux/x86-64 – Read /etc/passwd – 82 bytes
2. Linux/x86-64 – Add map in /etc/hosts file – 110 bytes
3. Linux/x86-64 – setuid(0) + execve(/bin/sh) – 49 bytes

Continue reading SLAE64: Assignment 6 – Polymorphic shellcodes

This is the last payload that I’ve debugged so far for the 5th assignment on SecurityTube Linux Assembly Expert certification.

This time I opted by looking at the payload linux/x64/exec with the option to run ‘/bin/sh’.

Continue reading SLAE64: Assignment 5 – Metasploit payloads analysis #3

The second payload that I decided to analyze for the 5th assignment of the SecuritTube Linux Assembly Expert certification was linux/x64/shell/bind_tcp.

Continue reading SLAE64: Assignment 5 – Metasploit payloads analysis #2

For the 5th assignment of the SecurityTube Linux Assembly Expert certification, I needed to analyze some metasploit payloads for Linux x64.

I started by looking at the linux/x64/shell_reverse_tcp.

Continue reading SLAE64: Assignment 5 – Metasploit payloads analysis #1

This is assignment #4 for the SecurityTube Linux Assembly Expert certification. It consists in the implementation of a custom encoder.

Encoding is a common strategy for obfuscating a shellcode payload as to avoid signature and pattern detection.

Continue reading SLAE64: Assignment 4 – Custom Encoder