Follow us
Description: Shellcode from public resources might not always be "ready for immediate use" - In many cases the author of the shellcode might have left placeholders for modification. If you do not know how to look into and make these modifications then the shellcode would be useless to you.
Here is one case: http://www.shell-storm.org/shellcode/files/shellcode-611.php
In this video, we first analyze the shellcode and see that it uses execve to run wget with the URL to download. The shellcode author has hardcoded the URL as "aaaa" which would be useless if you were a copy-paste person :)
We understand how the shellcode functions and use Python shortcuts to create the shellcode for the file name to download. This video is a quick and dirty guide to modifying shellcode :) Enjoy and Let me know your comments.
This free video is sponsored by SecurityTube Certifications: http://securitytube-training.com
Tags: hod , shellcode , modify , download , url ,
Latest from the SecurityTube Blog:
Comments (8):
Login to post a comment
-
Hack Of The Day: Customizing Shellcode For Fun And Profit
-
Hack Of The Day: How Do I Run Untrusted Shellcode?
-
Securitytube Linux Assembly Expert Exam Format
-
[Slae] Writing An Custom Insertion Encoder
-
[Slae] Execve Shellcode Stack Method
-
[Slae] Shellcoding Basics
-
[Slae] Using Libc And Nasm
-
[Slae] Hello World In Assembly Language
-
[Slae] What Is Assembly Language?
-
Securitytube Linux Assembly Expert (Slae) Course Introduction
-
Dumping Class Information In Ios Applications Using Class-Dump-Z
-
Setting Up Sogeti's Data Protection Tools On Ios
-
Creating A Remote Root Shell Using Bash And Launchd On Ios 6.0.1
-
Monitoring Strcpy With Bphook In The Immunity Debugger
-
Securitytube Gnu Debugger Expert: Part 14: Gdb On 64 Bit Systems
-
Securitytube Gnu Debugger Expert: Part 13: Iphone Application Reversing And Cracking With Gdb
-
Securitytube Gnu Debugger Expert: Part 12: Cracking A Simple Program On Arm Architectures
-
Securitytube Gnu Debugger Expert: Part 11: Setting Up Debian Armel In Qemu
-
Securitytube Gnu Debugger Expert: Part 10: Conditional Breakpoints Using Variables And Registers
-
Securitytube Gnu Debugger Expert - Part 9: Disassembling And Cracking A Simple Binary
Interesting video! I am awaiting for the shellcode encoder one which you promised on Facebook.
Whoo hoo! Another nice freebie clip :-D
Just like your Assembly MegaPrimer this stuff is helping me understand Jon Erickson's book _Hacking: The Art of Exploitation_ better. Love how you keep going back to Python too. So easy to scratch up quick-n-dirty scripts to do simple tasks and there is so much included in the standard releases.
@John-Nash the encoder video is up :) check it out.
@MaskedPhrogg Thanks! yup, prototyping in Python is just fantastic :) love the language ...
Thank you so much, Vivek! Amazing video.
Marvelous video Vivek ,everything is clear and illustrated , by the way , i'am one of your students in the amazing course SLAE , thanks sooooooooo much , Viva Vivek . ;)
Good video.
Good video.