Sunday, January 21, 2024

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter, is getting hardcoded values which is probably an API name:


In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.


Related news


  1. Free Pentest Tools For Windows
  2. Github Hacking Tools
  3. Hacking Tools And Software
  4. Pentest Tools Url Fuzzer
  5. Pentest Tools List
  6. Pentest Tools Website Vulnerability
  7. Hack Tools For Pc
  8. Pentest Tools Open Source
  9. Hack Rom Tools
  10. Hacker Search Tools
  11. Hacking App
  12. Android Hack Tools Github
  13. Blackhat Hacker Tools
  14. Pentest Tools Apk
  15. Hacking Tools For Kali Linux
  16. Pentest Tools For Mac
  17. Nsa Hack Tools
  18. Pentest Tools Find Subdomains
  19. Hacker Tools For Ios
  20. Pentest Tools Bluekeep
  21. Pentest Tools Download
  22. Hacking Tools Hardware
  23. Pentest Recon Tools
  24. Nsa Hack Tools
  25. Pentest Recon Tools
  26. Hacker Tools List
  27. Hacker Tools Windows
  28. Hacker
  29. Hack Tools 2019
  30. Hack Tools For Windows
  31. Hack Tools Pc
  32. Hackrf Tools
  33. Pentest Tools Open Source
  34. Hacking Tools Kit
  35. Hack Tools For Games
  36. Pentest Tools Framework
  37. Hack Tools Mac
  38. Hacks And Tools
  39. Blackhat Hacker Tools
  40. World No 1 Hacker Software
  41. Hacking Tools Github
  42. Pentest Tools Tcp Port Scanner
  43. Pentest Tools Linux
  44. Hacker Tools
  45. Hacker
  46. Hacker Tools 2020
  47. Hacker Tools For Pc
  48. Nsa Hack Tools
  49. Tools Used For Hacking
  50. Hack Tools Github
  51. Physical Pentest Tools
  52. Hacking Apps
  53. Pentest Tools Open Source
  54. Hacker Tools 2020
  55. Hacking Tools And Software
  56. Hackers Toolbox
  57. What Is Hacking Tools
  58. Hack Tools Github
  59. Game Hacking
  60. Hacking Tools Download
  61. Hacker Tools Hardware
  62. Hack Tools Online
  63. Tools Used For Hacking
  64. Hacker Tools
  65. Underground Hacker Sites
  66. Hack Tools 2019
  67. Hacking Tools Usb
  68. Hacker Tools
  69. Pentest Tools Github
  70. Hacker Tools Software
  71. Best Pentesting Tools 2018
  72. Hacker Tools Free Download
  73. Bluetooth Hacking Tools Kali
  74. Hacking Tools For Windows
  75. Hacker Tools Apk
  76. Hacker Security Tools
  77. Usb Pentest Tools
  78. Hack Tools For Ubuntu
  79. Hacking Tools Pc
  80. Bluetooth Hacking Tools Kali
  81. Hacker Tools Windows
  82. Hacking Tools For Kali Linux
  83. Hacking Tools 2020
  84. Hack Tools Mac
  85. Hacking Apps
  86. Hacking Tools And Software
  87. Hacker Tools Linux
  88. Hack Tools For Mac
  89. Hack Tools Mac
  90. Pentest Tools Port Scanner
  91. Hacker Tools Apk
  92. Pentest Tools Github
  93. Blackhat Hacker Tools
  94. Black Hat Hacker Tools
  95. Hacking Tools Mac
  96. Pentest Box Tools Download
  97. Hacker Tools Mac
  98. Hack Website Online Tool
  99. Pentest Tools Website
  100. Hacking Tools Windows 10
  101. Hack Tools For Pc
  102. Physical Pentest Tools
  103. Hacking Tools Hardware
  104. Hacker Tools List
  105. Hacker Tools For Windows
  106. Hack Tools Github
  107. Hacking Tools Software
  108. Pentest Tools For Android
  109. Hack Tools For Windows
  110. Pentest Tools
  111. Hacker Tools Apk
  112. Pentest Tools Free
  113. Hack App
  114. Pentest Tools Windows
  115. Hack Apps
  116. Hacker Tools For Mac
  117. Hacker Techniques Tools And Incident Handling
  118. Growth Hacker Tools
  119. Hacker Tools For Mac
  120. Hack Tools For Ubuntu
  121. Hacker Tools For Windows
  122. Best Pentesting Tools 2018
  123. Hacking Tools
  124. Termux Hacking Tools 2019
  125. Termux Hacking Tools 2019
  126. Hackrf Tools
  127. Hack Tools For Mac
  128. Underground Hacker Sites
  129. Hacker Tools For Pc
  130. Hacker Tools Free

0 comments:

Post a Comment