Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related posts

1. Hacking Tools For Mac
2. Pentest Reporting Tools
3. Best Pentesting Tools 2018
4. Hacking Tools Name
5. Android Hack Tools Github
6. Pentest Tools Review
7. Hacker Hardware Tools
8. Ethical Hacker Tools
9. Hacking Tools Github
10. Tools Used For Hacking
11. Hack Apps
12. Hacking Tools For Windows 7
13. Pentest Tools For Android
14. Pentest Tools
15. Hacking Tools For Beginners
16. Pentest Tools Android
17. Termux Hacking Tools 2019
18. Hacker Tools Windows
19. Best Hacking Tools 2020
20. Hacker Security Tools
21. Hacking Tools For Windows Free Download
22. Hack Tools For Mac
23. Hacking Tools Mac
24. Pentest Tools For Mac
25. Hack Tools Pc
26. Hacking Tools For Windows
27. Pentest Tools Windows
28. New Hack Tools
29. Hacking Tools Online
30. Hacking Tools Kit
31. Hacker Tools Free
32. Nsa Hack Tools Download
33. Hacker Techniques Tools And Incident Handling
34. Kik Hack Tools
35. Pentest Tools Alternative
36. Game Hacking
37. Best Hacking Tools 2019
38. Free Pentest Tools For Windows
39. Hackers Toolbox
40. Hack Tools Download
41. Best Hacking Tools 2020
42. Pentest Box Tools Download
43. Hack Tools For Games
44. Hacker
45. Hacking Tools Usb
46. Hack Tools Pc
47. Hacking Tools For Windows
48. Pentest Tools Tcp Port Scanner
49. Hacker Tools Apk
50. Hackrf Tools
51. Pentest Tools Online
52. Hack Rom Tools
53. Pentest Tools Url Fuzzer
54. Hacking App
55. Hacking Tools Software
56. Hack Tools Pc
57. Hacker Hardware Tools
58. Pentest Tools Review
59. Hacking Tools And Software
60. Hack Rom Tools
61. Pentest Automation Tools
62. Pentest Tools Apk
63. Hacker Search Tools
64. Bluetooth Hacking Tools Kali
65. Hacker Tools Software
66. Nsa Hacker Tools
67. Hacker Hardware Tools
68. Hacker Techniques Tools And Incident Handling
69. Best Hacking Tools 2019
70. Hack Tools Download
71. Hacker Techniques Tools And Incident Handling
72. Hack Tool Apk No Root
73. Hacker Tools 2020
74. Hacking Tools Github
75. Pentest Tools Review
76. Nsa Hack Tools
77. Hacker Search Tools
78. Hackrf Tools
79. Free Pentest Tools For Windows
80. Nsa Hack Tools
81. Hacker Tools Free Download
82. Hack Tools For Mac
83. Pentest Tools For Windows
84. Tools 4 Hack
85. Hack Rom Tools
86. Hacking Tools For Mac
87. Hack Tools
88. Free Pentest Tools For Windows
89. Pentest Tools Tcp Port Scanner
90. Free Pentest Tools For Windows
91. Termux Hacking Tools 2019
92. Hacker Tools Hardware
93. Pentest Tools
94. Hack Tools
95. Hacking Tools 2019
96. Hacker Security Tools
97. Hacking Tools 2020
98. Hack Tools 2019
99. Pentest Reporting Tools
100. Hack Tools For Ubuntu
101. Hacking Tools Windows
102. Hacking Tools For Windows 7
103. Hacker Tools Hardware
104. Hacking Tools Usb
105. Hacker Tools Software
106. Nsa Hack Tools
107. Hacker Tools Apk Download
108. Hacker Tools For Pc
109. Hack Tools For Games
110. Hacking Tools For Pc
111. Nsa Hack Tools
112. Ethical Hacker Tools
113. Easy Hack Tools
114. What Is Hacking Tools
115. Hacking App
116. Hack Tools
117. Hacking Apps
118. New Hack Tools
119. Termux Hacking Tools 2019
120. Bluetooth Hacking Tools Kali
121. Hacking Tools Github
122. Hacking Tools For Mac
123. Hacking Tools For Mac
124. Hacker
125. Hack Tools Online
126. Physical Pentest Tools
127. Hacker Tools Free Download
128. Hack Tools For Ubuntu
129. How To Install Pentest Tools In Ubuntu
130. Hacker Tools Mac
131. Bluetooth Hacking Tools Kali
132. Pentest Tools Kali Linux
133. Hack Tools
134. Hacker Tools For Pc
135. Top Pentest Tools
136. Hacker Security Tools
137. Pentest Tools Subdomain
138. Hacking App
139. Pentest Tools Framework
140. Pentest Tools Framework
141. Computer Hacker
142. Hacker Tools For Windows
143. Hack Tools For Mac
144. Hacking Tools Usb
145. Bluetooth Hacking Tools Kali
146. Hacking Tools Windows
147. Pentest Reporting Tools
148. What Is Hacking Tools
149. Hack Tools For Games
150. Pentest Tools
151. Hack Tools
152. Hacking Tools Windows
153. What Is Hacking Tools
154. Nsa Hack Tools
155. Beginner Hacker Tools
156. Pentest Tools Subdomain
157. Hacker
158. Hacking Tools Download
159. Hackers Toolbox
160. Ethical Hacker Tools
161. Pentest Tools For Android
162. Hacker Hardware Tools
163. Hack Apps