SLAE32

This category will include the 5-7 assignments required for completing and passing the SLAE32 exam.

Introduction: Polymorphism is a technique used to mutate code in a way that keeps the original function intact. For example, 1+1 and 4-2 both achieve the same result while using different values and operations. Polymorphic shellcode can aid in efforts to evade anti-virus and IDS/IPS. This post will look at a couple of shellcodes and how to produce polymorphic

Introduction: In this post, we will analyze three samples of Linux x86-based shellcode generated by msfvenom using different tools. Now, before going into the next section, here’s the list of what is available to us.

Shellcode I: The first shellcode we’ll look at is adduser; the following are the options that need to be

Introduction: According to the English dictionary, to encode is to convert something, such as a body of information, from one system of communication to another; especially: to convert a message into code. This blog post will combine three basic encoding operations (more on that later) to encode sample shellcode and then decode/execute it to demonstrate the concept. Encoder In

Introduction: What is an egg hunter, and why on earth would you need it? This post will answer these questions and discuss the access() syscall, which will be a vital part of our shellcode. The post will then conclude by demoing a working egg hunter shellcode. Please note all of the work here is based off of Skape’s

Introduction: A reverse TCP shell consists of three syscalls: one for setting up the socket, which includes the socket() and connect() functions. The second syscall is dup2() for file descriptors, and the last syscall, execve(), is used to spawn a shell upon a successful TCP connection. Please note that most of the functions mentioned here have already been covered in my

Introduction: A bind TCP shell requires three syscalls: one for setting up the socket, which includes the socket(), bind(), listen(), and accept() functions. The second syscall is dup2() for file descriptors, and the last syscall, execve(), is used to spawn a shell upon receiving a successful TCP connection. This post is an in-depth analysis of those syscalls and/or functions