Tag Archives: windows

WanaCryptor File Encryption and Decryption

Introduction This is a quick post about the WanaCryptor ransomware wreaking havoc on many networks across the world this weekend. With all the news coverage, most of you already know the trouble caused by it. Once executed on a system, …

Posted in cryptography, encryption, malware, public key exchange, security, windows | 8 Comments

Shellcode: Fido and how it resolves GetProcAddress and LoadLibraryA

Introduction A tool to modify existing Metasploit payloads for Windows called Fido was recently published by Joshua Pitts, the author of Backdoor Factory. Fido will strip this assembly code responsible for resolving API addresses in the export directory and replace …

Posted in assembly, programming, security, shellcode, windows | Leave a comment

Shellcode: Dual mode PIC for x86 (Reverse and Bind Shells for Windows)

Introduction In a nutshell, we’re mixing 32 and 64-bit x86 opcodes so that regardless of the operating system mode (legacy or long), our Position Independent Code (PIC) will still execute successfully. Although some of the code requires conditional jumps, we …

Posted in assembly, programming, security, shellcode, windows | 1 Comment

Shellcode: Resolving API addresses in memory

Introduction A basic but core function of all Position Independent Code (PIC) for Windows is to resolve the address of API functions at runtime. It’s an important task with a number of options available. Here, we’ll examine 2 popular methods …

Posted in assembly, programming, shellcode, windows | 2 Comments

Shellcode: A Windows PIC using RSA-2048 key exchange, AES-256, SHA-3

Introduction This won’t be a tutorial on writing shellcode although you might glean something useful from the source code when writing your own PIC in C. This is a PIC (Position Independent Code) for the Windows Operating System written in …

Posted in assembly, cryptography, diffie hellman merkle, networking, programming, public key exchange, security, shellcode, windows | 1 Comment

Shellcode: Execute command for x32/x64 Linux / Windows / BSD

Introduction I was hoping to present here a code that would execute perfectly on 32/64-bit Linux/BSD and Windows systems derived from code discussed here. The 64-bit code will execute on all 3 systems but not 32-bit versions of BSD because …

Posted in assembly, bsd, linux, shellcode, windows | 1 Comment

Shellcode: Detection between Windows/Linux/BSD on x86 architecture

Introduction While writing simple Linux/BSD shellcodes, I had a quick look through a FreeBSD/Linux bind shell written in 2002 by a talented coder who went by the pseudonym Z0MBiE. Some of you will know he wrote a lot of cool …

Posted in assembly, bsd, freebsd, linux, programming, security, shellcode, windows | 4 Comments