Tag Archives: shellcode

Windows Process Injection: Command Line and Environment Variables

Contents: Introduction, Shellcode, Environment Variables, Command Line, Window Title, Runtime Data. 1. Introduction: There are many ways to load shellcode into the address space of a process, but knowing precisely where it’s …

Posted in assembly, injection, malware, process injection, programming, redteam, security, shellcode, windows

Windows Process Injection: EM_GETHANDLE, WM_PASTE and EM_SETWORDBREAKPROC

Contents: Introduction, Edit Controls, Writing CP-1252 Compatible Code, Initialization, Set RAX to 0, Set RAX to 1, Set RAX to -1, Load and Store Data, Two Byte Instructions, Prefix Codes, Generating Shellcode, Injecting and Executing, Demonstration, Encoding Arbitrary Data, Encoding, Decoding …

Posted in assembly, injection, process injection, programming, redteam, security, shellcode, windows

Shellcode: Encoding Null Bytes Faster With Escape Sequences

Introduction: Quick post about a common problem removing null bytes in the loader generated by Donut. Replacing opcodes that contain null bytes with equivalent snippets is enough to solve the problem for a shellcode of no more than a few …

Posted in assembly, donut, security, shellcode, windows

Shellcode: Recycling Compression Algorithms for the Z80, 8088, 6502, 8086, and 68K Architectures.

Contents: Introduction, History, Entropy Coding, Universal code, Lempel-Ziv (LZ77/LZ1), Lempel-Ziv-Storer-Szymanski (LZSS), Lempel-Ziv-Bell (LZB), Intel 8088 / 8086 (LZE, LZ4, LZSA, aPLib), MOS Technology 6502 (Exomizer, Pucrunch), Zilog 80 …

Posted in compression, encryption, iot, linux, optimization, programming, shellcode, windows

Shellcode: Data Compression

Introduction: This post examines data compression algorithms suitable for position-independent codes and assumes you’re already familiar with the concept and purpose of data compression. For those of you curious to know more about the science, or information theory, read Data …

Posted in assembly, compression, linux, malware, programming, security, shellcode, windows

Shellcode: In-Memory Execution of JavaScript, VBScript, JScript and XSL

Introduction: A DynaCall() Function for Win32 was published in the August 1998 edition of Dr. Dobb’s Journal. The author, Ton Plooy, provided a function in C that allows an interpreted language such as VBScript to call external DLL functions via a …

Posted in assembly, programming, security, shellcode, windows

Shellcode: Using the Exception Directory to find GetProcAddress

Introduction: Let’s say you want the location of the GetProcAddress API in memory, but you can’t use the Import Address Table (IAT) or the Export Address Table (EAT). What other ways can you do it? Perhaps there are many ways, …

Posted in assembly, programming, security, shellcode, windows

Shellcode: A reverse shell for Linux in C with support for TLS/SSL

Contents: Introduction, History, Definitions, Position-independent code (PIC), Position-independent executable (PIE), Thread Local Storage or Transport Layer Security (TLS), Address Space Layout Randomization (ASLR), Executable and Link Format (ELF), Base …

Posted in assembly, linux, shellcode

A Guide to ARM64 / AArch64 Assembly on Linux with Shellcodes and Cryptography

Introduction: The Cortex-A76, codenamed “Enyo”, will be the first of three CPU cores from ARM designed to target the laptop market between 2018 and 2020. ARM already has a monopoly on handheld devices, and is now projected to take a share of …

Posted in arm, assembly, cryptography, linux, raspberry, shellcode

Shellcode: Encrypting traffic

Introduction: This will be a quick post on using encryption in a Position Independent Code (PIC) that communicates over TCP. I’ll be using the synchronous shells for Linux as examples, so just to recap, read the following posts for more …

Posted in arm, assembly, cryptography, linux, programming, security, shellcode