Tag Archives: shellcode

Shellcode: A Tweetable Reverse Shell for x86 Windows

Introduction Since being granted a 280 character limit, many twitter users have been embedding all kinds of code into a single message. This will be a quick post showing a tweetable reverse shell for x86 windows. You’ll have to forgive … Continue reading

Posted in assembly, programming, security, shellcode, windows | Tagged , , , , , | Leave a comment

Shellcode: Linux ARM (AArch64)

Introduction I’ve no idea how useful these will be since they were only tested on Linux Ubuntu. They were more or less derived from 32-bit codes shown here, except there’s no attempt at all to eliminate null bytes, and there … Continue reading

Posted in arm, assembly, security, shellcode | Tagged , , , | Leave a comment

Shellcode: Linux ARM Thumb mode

Introduction Just a quick post about some shellcodes for a raspberry pi 3 I purchased recently to learn ARM assembly. I highly recommend Writing ARM Assembly by Azeria Labs which brought me up to speed with the ARM architecture. For … Continue reading

Posted in arm, assembly, pi, raspberry, security, shellcode | Tagged , , , , , | 1 Comment

Shellcode: The hunt for GetProcAddress

Introduction Recently revealed by Alex Ionescu, future releases of Windows will include Enhanced Mitigation Experience Toolkit (EMET) built into the kernel. As more mitigation features appear in MSVC and the Windows operating system, the difficulty of locating API to exploit … Continue reading

Posted in assembly, programming, security, shellcode, windows | Tagged , , , , , | 3 Comments

Shellcode: x86 optimizations part 1

Introduction What follows are a number of basic ways to compact shellcodes. In a follow up post, I’ll discuss a few ways to obfuscate them which might be useful for evading signature detection algorithms. Some of the examples illustrated here … Continue reading

Posted in assembly, programming, shellcode | Tagged , , , , | Leave a comment

Shellcode: Dual Mode (x86 + x86-64) Linux shellcode

Introduction Someone asked me recently what do you mean by “dual mode shellcode”? and it seems the wording is slightly ambiguous to those unfamiliar with the different operating modes of a CPU like x86 so I just wanted to clarify … Continue reading

Posted in assembly, linux, programming, security, shellcode | Tagged , , , , , | Leave a comment

Shellcode: Fido and how it resolves GetProcAddress and LoadLibraryA

Introduction A tool to modify existing metasploit payloads for windows called Fido was recently published by Joshua Pitts, the author of Backdoor Factory. Fido will strip this assembly code responsible for resolving API addresses in the export directory and replace … Continue reading

Posted in assembly, programming, security, shellcode, windows | Tagged , , , , , , , , | Leave a comment