
Monday 22 January 2024

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, providing IOCs such as where they connect, and so on. But what can we do when the emulation gets stuck at some point?

The console has many tools to interact with the emulator as if it were a debugger, but the shellcode is not really being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problems, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that the value 0xffffffff is set at position 174.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction turns the zero into 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is getting hardcoded values, which are probably an API name.
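To check whether a run of hardcoded register values really spells an API name, the dwords can be decoded as little-endian ASCII. The script below is an added example, not part of the original post or of scemu; the eax values in it are constructed for illustration and are not the ones from this trace, and it assumes the name is built four bytes at a time.

```python
import struct

PRINTABLE = set(range(0x20, 0x7F))


def dwords_to_strings(values, min_len=4):
    """Decode a sequence of 32-bit register values as little-endian ASCII.

    Consecutive dwords made only of printable bytes (the last one may be
    NUL padded) are joined into one string; any other value ends the run.
    """
    found, current = [], bytearray()

    def flush():
        # Keep the run only if it is long enough to be a plausible name.
        if len(current) >= min_len:
            found.append(current.decode("ascii"))
        current.clear()

    for value in values:
        raw = struct.pack("<I", value & 0xFFFFFFFF)
        text = raw.rstrip(b"\x00")        # trailing NULs terminate a string
        if text and all(b in PRINTABLE for b in text):
            current.extend(text)
            if len(text) < 4:             # NUL seen: the string ends here
                flush()
        else:
            flush()                       # counter, pointer, -1, etc.
    flush()
    return found


# Constructed sample: values a register trace might show. These are NOT
# taken from the drv_shellcode.bin run described in this post.
SAMPLE_EAX = [
    0x00000000, 0xFFFFFFFF,
    0x64616F4C, 0x7262694C, 0x41797261,              # one name, 3 dwords
    0x00000010,
    0x50746547, 0x41636F72, 0x65726464, 0x00007373,  # NUL-padded tail
]

if __name__ == "__main__":
    for name in dwords_to_strings(SAMPLE_EAX):
        print(name)
```
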


In this case the shellcode depends on previous states and also crashes in the debugger because of the register values. This is just an example of how to operate in cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

