Description: This video is part of the Hack of the Day series. Please begin by watching Part 1 here: http://securitytube.net/hod
In this video, we will look at building an interesting shellcode encoder in Python --- the encoder takes a shellcode, XORs it with a given byte and converts the resultant data into a series of PUSH statements. Now, with the encoded shellcode all on the stack, we write a decoder in assembly to decode the shellcode and then execute it.
The fun of this technique is that rather than pasting the shellcode into the script, it reads it from stdin. This means you can pretty much use any shellcode along with it - including that from Metasploit. Of course, you will need to select an encoder byte for the XOR in such a way that the output shellcode does not have a 0x00 byte in it.
Enjoy and leave behind your comments!
Tags: hod , shellcode , encoder , decoder , python , asm , assembly , xor ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Superb! I have received the SLAE course so I'll be starting it this week! I really like this hack of the day! I hope it keeps up!
Dear Vivek Sir, I have already known about the special and effective cources which Security Tube Is providing to us!!!
Bt i have a Query!!! The Online Cource is little bit toughy for me to attend!!! I would like to ask 1 thing that; do u have a Training Centre anywhere???
Im in Delhi!!! so giving exams and taking classes may also give us an effective environment to learn diff. cources!!! :)
Hope u will reply my Query!!! Thnk u Sir!!! :)
@ Ranju not to cut in the way of Vivek but, he does have onsite classes.
http://securitytube-training.com/onsite-training/reverse-engineering-on-windows-and-linux/
The usual courses he provided are downloadable to study at your own time and leisure.
Just wanted to try to answer your question .Hope it helps!
Thank u @aperture Security!! It helped me!!! :)
bt i have another query!!! to Vivek Sir,
sir do u conduct any wrkshp/conference in Delhi???or anywhere??? if yes, we students are really interested to learn something frm u directly!!! :) Hope u will provide some wrkshps/conference in Delhi!!! :)
Thank u @aperture Security!! It helped me!!! :)
bt i have another query!!! to Vivek Sir,
sir do u conduct any wrkshp/conference in Delhi???or anywhere??? if yes, we students are really interested to learn something frm u directly!!! :) Hope u will provide some wrkshps/conference in Delhi!!! :)
Thank u @aperture Security!! It helped me!!! :)
bt i have another query!!! to Vivek Sir,
sir do u conduct any wrkshp/conference in Delhi???or anywhere??? if yes, we students are really interested to learn something frm u directly!!! :) Hope u will provide some wrkshps/conference in Delhi!!! :)
@Ranju - @ApertureSecurity is right. Currently I have no plans of in-person classes in India. This may change in the coming years, but definitely not in 2013. Thanks! :)
@Hack of the Day! Thnk u for the info!! Eagerly waiting for ur conferece/wrkshp in Delhi! Do u know y i have demanded this query?? :)
If you are conducting a 3day conference/wrkshp then it will be much helpful than taking classes online bcz this gives a direct interaction with mentors and noobs!!!
i am not saying that online classes are useless; they are defenitely useful!! bt hope u gt my point and will consider my point in the coming yrs!! :)
Thank u HOD!!! :)