Author Archives: Odzhan

Shellcode: A Tweetable Reverse Shell for x86 Windows

Introduction: Since being granted a 280-character limit, many Twitter users have been embedding all kinds of code into a single message. This will be a quick post showing a tweetable reverse shell for x86 Windows. You’ll have to forgive …

Posted in assembly, programming, security, shellcode, windows

Polymorphic Mutex Names

Introduction: Perhaps there was never any legitimate reason to use Polymorphic Mutex Names, so it’s understandable that many developers never provided a solution. It could be argued that poly mutexes serve only as a way for malicious applications to evade detection. On …

Posted in cryptography, programming, windows

Shellcode: Linux ARM (AArch64)

Introduction: I’ve no idea how useful these will be since they were only tested on Linux Ubuntu. They were more or less derived from 32-bit codes shown here, except there’s no attempt at all to eliminate null bytes, and there …

Posted in arm, assembly, security, shellcode

Shellcode: Linux ARM Thumb mode

Introduction: Just a quick post about some shellcodes for a Raspberry Pi 3 I purchased recently to learn ARM assembly. I highly recommend Writing ARM Assembly by Azeria Labs, which brought me up to speed with the ARM architecture. For …

Posted in arm, assembly, pi, raspberry, security, shellcode | 1 Comment

Emulation of AESENC and AESENCLAST instructions in x86 assembly

Introduction: aesenc and aesenclast are AES-NI instructions implemented on the x86 architecture. Recently, the well-known cryptographer J.P. Aumasson published code to emulate these instructions in C, which would be very useful for emulators and virtual machines in general. The …

Posted in assembly, cryptography, encryption, security

Shellcode: Windows API hashing with block ciphers (Maru Hash)

Introduction: String/pattern matching algorithms are by far the most popular and easiest way to detect shellcode. The principle is simple: all codes have unique characteristics which can be used as signatures to identify them in memory. Even shellcodes with no …

Posted in assembly, programming, shellcode, windows

Shellcode: The hunt for GetProcAddress

Introduction: As recently revealed by Alex Ionescu, future releases of Windows will include the Enhanced Mitigation Experience Toolkit (EMET) built into the kernel. As more mitigation features appear in MSVC and the Windows operating system, the difficulty of locating API to exploit …

Posted in assembly, programming, security, shellcode, windows | 3 Comments