Description: Shellcode from public resources might not always be "ready for immediate use" - In many cases the author of the shellcode might have left placeholders for modification. If you do not know how to look into and make these modifications then the shellcode would be useless to you.
Here is one case: http://www.shell-storm.org/shellcode/files/shellcode-611.php
In this video, we first analyze the shellcode and see that it uses execve to run wget with the URL to download. The shellcode author has hardcoded the URL as "aaaa" which would be useless if you were a copy-paste person :)
We understand how the shellcode functions and use Python shortcuts to create the shellcode for the file name to download. This video is a quick and dirty guide to modifying shellcode :) Enjoy and Let me know your comments.
This free video is sponsored by SecurityTube Certifications: http://securitytube-training.com
Tags: hod , shellcode , modify , download , url ,
Interesting video! I am awaiting for the shellcode encoder one which you promised on Facebook.
Whoo hoo! Another nice freebie clip :-D
Just like your Assembly MegaPrimer this stuff is helping me understand Jon Erickson's book _Hacking: The Art of Exploitation_ better. Love how you keep going back to Python too. So easy to scratch up quick-n-dirty scripts to do simple tasks and there is so much included in the standard releases.
@John-Nash the encoder video is up :) check it out.
@MaskedPhrogg Thanks! yup, prototyping in Python is just fantastic :) love the language ...
Thank you so much, Vivek! Amazing video.
Marvelous video Vivek ,everything is clear and illustrated , by the way , i'am one of your students in the amazing course SLAE , thanks sooooooooo much , Viva Vivek . ;)
Good video.
Good video.
http://www.youtube.com/watch?v=cHJ_GHMUe7g
wOW I was impressed, will take the course. Taking some others right now but I will. thxs I'm relearning binary code an know no c-shell stuff but Im learning thxs.
Vivek, you are doing an amazing job. I my educational seminar, I always mention your website as one of the good website for security learning.
Adhyan Innovative Learning
www.iadhyan.com
404 !!
hey vivek! great job! :) i just came accross one question and hope you or the community is able to help me :) How can i get the shellcode of the windows/shell_reverse_tcp exploit into a working exe file? Everytime i am try to generate it with metasploit "generate -b '\x00' and get the shellcode into the c file, compile it and execute it, nothing will happen. Can someone pls tellm e how to figure this out? would be important for me! :) thanks so far. Also done it this way via assembler, not working for me :/