Tag Archives: assembly

Shellcode: The hunt for GetProcAddress

As Alex Ionescu recently revealed, future releases of Windows will include the Enhanced Mitigation Experience Toolkit (EMET) built into the kernel. As more mitigation features appear in MSVC and the Windows operating system, the difficulty of locating APIs to exploit …

Posted in assembly, programming, security, shellcode, windows

Shellcode: x86 optimizations part 1

What follows are a number of basic ways to compact shellcode. In a follow-up post, I'll discuss a few ways to obfuscate it, which might be useful for evading signature-based detection. Some of the examples illustrated here …

Posted in assembly, programming, shellcode

Shellcode: Resolving API addresses in memory

A basic but core function of all Position Independent Code (PIC) for Windows is resolving the addresses of API functions at runtime. It's an important task with a number of options available. Here, we'll examine two popular methods …

Posted in assembly, programming, shellcode, windows
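For the runtime API resolution the post above is about, here is an added example in C of hash-based export lookup. It is my illustration, not code from the blog; the excerpt does not say which two methods the post covers, so treating hash lookup as one of them is an assumption. Walking the PEB to find kernel32 only works on Windows, so instead the code builds a constructed in-memory module whose export directory follows the IMAGE_EXPORT_DIRECTORY field layout and walks it the way shellcode walks a real one: hash each exported name, compare against a precomputed hash, map the match through the ordinal table to the function RVA. The ROR13 hash, the export names, the RVAs and the image layout are all assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field order matches IMAGE_EXPORT_DIRECTORY in winnt.h. Every address in it
 * is an RVA (offset from the module base), which is why PIC can walk it
 * without caring where the module was actually mapped. */
typedef struct {
    uint32_t Characteristics;
    uint32_t TimeDateStamp;
    uint16_t MajorVersion;
    uint16_t MinorVersion;
    uint32_t Name;
    uint32_t Base;
    uint32_t NumberOfFunctions;
    uint32_t NumberOfNames;
    uint32_t AddressOfFunctions;
    uint32_t AddressOfNames;
    uint32_t AddressOfNameOrdinals;
} export_dir_t;

/* ROR13 string hash (assumed here): rotate the accumulator right by 13 bits
 * and add each byte. Shellcode carries the 4-byte hash instead of the name. */
uint32_t ror13_hash(const char *s)
{
    uint32_t h = 0;
    for (; *s; s++)
        h = ((h >> 13) | (h << 19)) + (uint8_t)*s;
    return h;
}

/* Walk the export directory at export_rva inside the image at base and return
 * the RVA of the first named export whose hash equals wanted, or 0 if none
 * matches. The name and ordinal tables run in parallel; the ordinal indexes
 * the function table, so funcs[ords[i]] is the entry for names[i]. */
uint32_t resolve_by_hash(const uint8_t *base, uint32_t export_rva, uint32_t wanted)
{
    const export_dir_t *ed = (const export_dir_t *)(base + export_rva);
    const uint32_t *names = (const uint32_t *)(base + ed->AddressOfNames);
    const uint16_t *ords  = (const uint16_t *)(base + ed->AddressOfNameOrdinals);
    const uint32_t *funcs = (const uint32_t *)(base + ed->AddressOfFunctions);

    for (uint32_t i = 0; i < ed->NumberOfNames; i++) {
        const char *name = (const char *)(base + names[i]);
        if (ror13_hash(name) == wanted)
            return funcs[ords[i]];
    }
    return 0;
}

/* Constructed stand-in for a mapped module (assumption: this is not a real
 * PE image, just the export directory and its three tables). */
#define IMG_SIZE   512
#define EXPORT_RVA 0
#define FUNCS_RVA  64
#define NAMES_RVA  96
#define ORDS_RVA   128
#define STR_RVA    160
#define N_EXPORTS  4

static _Alignas(16) uint8_t image[IMG_SIZE];

/* Names are in the sorted order a real export table uses; RVAs are made up. */
static const char    *fake_names[N_EXPORTS] = { "CreateProcessA", "GetProcAddress", "LoadLibraryA", "WinExec" };
static const uint32_t fake_rvas[N_EXPORTS]  = { 0x1000, 0x2000, 0x3000, 0x4000 };

void build_fake_image(void)
{
    export_dir_t *ed    = (export_dir_t *)(image + EXPORT_RVA);
    uint32_t     *funcs = (uint32_t *)(image + FUNCS_RVA);
    uint32_t     *names = (uint32_t *)(image + NAMES_RVA);
    uint16_t     *ords  = (uint16_t *)(image + ORDS_RVA);
    uint32_t      str   = STR_RVA;

    memset(image, 0, sizeof image);
    ed->Base                  = 1;
    ed->NumberOfFunctions     = N_EXPORTS;
    ed->NumberOfNames         = N_EXPORTS;
    ed->AddressOfFunctions    = FUNCS_RVA;
    ed->AddressOfNames        = NAMES_RVA;
    ed->AddressOfNameOrdinals = ORDS_RVA;

    for (uint32_t i = 0; i < N_EXPORTS; i++) {
        /* Store function entries in reverse order so a lookup that ignored
         * the ordinal table would return the wrong RVA. */
        uint16_t ord = (uint16_t)(N_EXPORTS - 1 - i);
        funcs[ord] = fake_rvas[i];
        names[i]   = str;
        ords[i]    = ord;
        strcpy((char *)image + str, fake_names[i]);
        str += (uint32_t)strlen(fake_names[i]) + 1;
    }
}

int main(void)
{
    build_fake_image();
    uint32_t h = ror13_hash("GetProcAddress");
    printf("GetProcAddress: hash=0x%08x rva=0x%x\n", h, resolve_by_hash(image, EXPORT_RVA, h));
    printf("NtCreateFile:   rva=0x%x (not exported)\n",
           resolve_by_hash(image, EXPORT_RVA, ror13_hash("NtCreateFile")));
    return 0;
}
```

Two things a real resolver has to handle that this constructed image does not: a returned RVA that lands inside the export directory itself is a forwarder string ("OTHERDLL.Func") rather than code, and must be resolved again in the named module; and with a 32-bit hash over a table of a few thousand names a collision is cheap to engineer, so defensive tooling that rebuilds the same hash table from the loaded modules can be fooled by a decoy export if it stops at the first match.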

Shellcode: Execute command for x32/x64 Linux / Windows / BSD

I was hoping to present here code that would execute perfectly on 32/64-bit Linux, BSD and Windows systems, derived from code discussed here. The 64-bit code will execute on all three systems, but not on 32-bit versions of BSD because …

Posted in assembly, bsd, linux, shellcode, windows

Shellcodes: Executing Windows and Linux Shellcodes

Recently, I finished an interactive shell for Windows written in C which is also position independent. The server component runs on a UNIX-based OS, and I was trying to test out delivery of the PIC to a Windows machine over …

Posted in assembly, linux, shellcode, windows

DLL/PIC Injection on Windows from Wow64 process

Injecting Position Independent Code (PIC) into a remote process is trivial enough for a programmer, but if they try using the CreateRemoteThread() API from a Wow64 process against a 64-bit process, it fails. Transitioning from 32-bit to 64-bit was discussed by rgb/29a …

Posted in assembly, programming, security

Asmcodes: Platform Independent PIC for Loading DLL and Executing Commands

Position Independent Code (PIC) is a set of CPU instructions that will execute successfully regardless of where it resides in memory. The general idea is that it doesn't depend on any external API or library, and if it …

Posted in assembly, programming