After gaining my OSCP in June I decided to go deeper into exploitDev and shellcoding.
And here we are: this is the first of seven posts for the SLAE certification. Additionally, you can find all files on my GitHub account.
Building a bind_shell shellcode is the first task.
The picture shows the libemu analysis of the Metasploit payload. It seems we need to check the man pages of the syscalls socket, bind, listen and accept.
First we create a socket:
Okay, the next step is binding our port (0x052B is 11013 in hex with its bytes reversed). The port should be easy to change, so I placed a comment 😉
Okay, let's try it.
Great, we built shellcode that binds a port, in assembly and from scratch, and it works 😂
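Seen from the defender's side, the same four syscalls form a recognisable sequence. The following is an added example, not code from the original post: it scans plain `strace`-style lines (the sample trace is constructed, and lines without pid or timestamp prefixes are assumed) for socket, bind, listen, accept on one descriptor and reports the bound port together with the byte-reversed word it appears as in x86 assembly.

```python
import re
import struct

# Constructed sample in strace output style; not captured from the post's shellcode.
SAMPLE_TRACE = """\
socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(11013), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
listen(3, 0) = 0
accept(3, NULL, NULL) = 4
socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 5
connect(5, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
"""

CALL_RE = re.compile(r"^(socket|bind|listen|accept)\((\d+)?.*\)\s*=\s*(-?\d+)")
PORT_RE = re.compile(r"sin_port=htons\((\d+)\)")
# call -> (state the fd must be in, state it moves to)
STEP = {"bind": ("socket", "bound"), "listen": ("bound", "listening"),
        "accept": ("listening", "accepted")}


def port_as_le_word(port):
    """16-bit value an x86 register holds for the network-order port bytes."""
    return struct.unpack("<H", struct.pack("!H", port))[0]


def find_bind_listeners(trace):
    """One finding per fd that completed socket -> bind -> listen -> accept."""
    state, ports, findings = {}, {}, []
    for line in trace.splitlines():
        m = CALL_RE.match(line.strip())
        if not m or int(m.group(3)) < 0:      # unrelated or failed call
            continue
        name, fd_arg, ret = m.group(1), m.group(2), int(m.group(3))
        if name == "socket":
            state[ret] = "socket"             # return value is the new fd
            continue
        if fd_arg is None or state.get(int(fd_arg)) != STEP[name][0]:
            continue                          # out of order: not this pattern
        fd = int(fd_arg)
        state[fd] = STEP[name][1]
        if name == "bind":
            pm = PORT_RE.search(line)
            ports[fd] = int(pm.group(1)) if pm else None
        elif name == "accept":
            port = ports[fd]
            word = None if port is None else f"0x{port_as_le_word(port):04X}"
            findings.append({"fd": fd, "port": port, "asm_word": word})
    return findings


if __name__ == "__main__":
    for finding in find_bind_listeners(SAMPLE_TRACE):
        print(finding)
```

The outbound `connect` on descriptor 5 in the sample is ignored, because it never passes through bind and listen.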
This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:
Student ID: SLAE-1036