There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?
The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.
target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv
In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.
There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:
target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -i 'dword ptr [esp + 0x30]'
Now we know that in position 174 the value 0xffffffff is set.
But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.
This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.
Lets trace the eax register to see if its a kind of counter or what is doing.
- Hacker Search Tools
- Hackers Toolbox
- Hacker Tools Hardware
- Pentest Tools Apk
- Pentest Tools Website Vulnerability
- Best Hacking Tools 2019
- Pentest Tools
- Pentest Reporting Tools
- Game Hacking
- Hacking Tools For Beginners
- Pentest Tools For Windows
- Hacker Tools Apk
- Hacker Tools Software
- Github Hacking Tools
- Hacker Tools For Windows
- Hacking Tools For Windows
- Hacking Tools 2019
- Best Hacking Tools 2019
- Pentest Tools Apk
- Pentest Reporting Tools
- Hacking App
- How To Hack
- Pentest Tools Download
- Pentest Tools For Windows
- Tools For Hacker
- Hacking Tools For Pc
- Pentest Tools Tcp Port Scanner
- Hacker Tools 2020
- Hacker Techniques Tools And Incident Handling
- Hack Website Online Tool
- Hacking Tools
- Pentest Tools Website Vulnerability
- Hacker Tools List
- Hacker Tools Windows
- Hacker Tools For Pc
- Hack Tool Apk
- Hacking Tools
- Hacker Tools Online
- Hackers Toolbox
- How To Make Hacking Tools
- Hack Rom Tools
- Pentest Tools For Windows
- Pentest Tools List
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Website Vulnerability
- Hacker Tools Apk Download
- Pentest Tools Find Subdomains
- Hacker Tools For Mac
- Pentest Tools Alternative
- Best Hacking Tools 2019
- Pentest Tools Url Fuzzer
- Hacking Tools Free Download
- Pentest Box Tools Download
- Hacker Hardware Tools
- World No 1 Hacker Software
- Growth Hacker Tools
- Hack Tools Github
- Hacker Tools Mac
- Pentest Tools Linux
- What Are Hacking Tools
- Hack Tool Apk No Root
- Top Pentest Tools
- Hacker Tools For Pc
- Hack Tools
- Best Hacking Tools 2020
- Hacking Tools Online
- Termux Hacking Tools 2019
- Hacking Tools Hardware
- How To Hack
- Wifi Hacker Tools For Windows
- World No 1 Hacker Software
- Hack Tools Mac
- Beginner Hacker Tools
- Pentest Tools For Android
- Bluetooth Hacking Tools Kali
- Android Hack Tools Github
- Hacking Tools Online
- Hacking Tools And Software
- Hacking Tools 2020
- Hacker
- Physical Pentest Tools
- Pentest Tools Tcp Port Scanner
- Hacking Tools Software
- Hack Tools For Games
- Hack Apps
- Hack Tools For Ubuntu
- Hacking Tools And Software
- Hackrf Tools
- Hacker Tools List
- Pentest Tools Website Vulnerability
- Hack Apps
- Beginner Hacker Tools
- Tools 4 Hack
- Hack Tools 2019
- Tools For Hacker
- Hacking Tools Software
- Easy Hack Tools
- Hack Tools For Pc
- Hacking App
- Hacker Tools Online
No comments:
Post a Comment