SLAE64: Conclusion

This is it! The final assignment for the SecurityTube Linux Assembly Expert certification is finally done and published.

I highly recommend the course for anyone interested in learning about Linux, Assembly and Shellcoding. Very interesting stuff.

Below are the links for the posts containing the certification assignments

SLAE64: Assignment 1 Bind TCP Shell with password

SLAE64: Assignment 2 Reverse TCP Shell

SLAE64: Assignment 3 – Egg Hunter

SLAE64: Assignment 4 – Custom Encoder

SLAE64: Assignment 5 Metasploit payloads analysis #1

SLAE64: Assignment 5 Metasploit payloads analysis #2

SLAE64: Assignment 5 Metasploit payloads analysis #3

SLAE64: Assignment 6 Polymorphic shellcodes

 


This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification.

Student ID: SLAE64-1440

SLAE64: Assignment 6 – Polymorphic shellcodes

For assignment 6 of the SecurityTube Linux Assembly Expert certification the idea is to create polymorphic versions of existing shellcodes, specifically taken from shell-storm.org.

A polymorphic version of a shellcode is just the same functionality written with different instructions, registers and including nop instructions to break patterns and prevent detection.

For this assignment I chose the following shellcodes to work with:

  1. Linux/x86-64 – Read /etc/passwd – 82 bytes
  2. Linux/x86-64 – Add map in /etc/hosts file – 110 bytes
  3. Linux/x86-64 – setuid(0) + execve(/bin/sh) – 49 bytes

Continue reading SLAE64: Assignment 6 – Polymorphic shellcodes

SLAE64: Assignment 5 – Metasploit payloads analysis #3

This is the last payload that I’ve debugged so far for the 5th assignment on SecurityTube Linux Assembly Expert certification.

This time I opted by looking at the payload linux/x64/exec with the option to run ‘/bin/sh’.

Continue reading SLAE64: Assignment 5 – Metasploit payloads analysis #3

SLAE64: Assignment 5 – Metasploit payloads analysis #1

For the 5th assignment of the SecurityTube Linux Assembly Expert certification, I needed to analyze some metasploit payloads for Linux x64.

I started by looking at the linux/x64/shell_reverse_tcp.

Continue reading SLAE64: Assignment 5 – Metasploit payloads analysis #1

SLAE64: Assignment 4 – Custom Encoder

This is assignment #4 for the SecurityTube Linux Assembly Expert certification. It consists in the implementation of a custom encoder.

Encoding is a common strategy for obfuscating a shellcode payload as to avoid signature and pattern detection.

Continue reading SLAE64: Assignment 4 – Custom Encoder