SLAE Assignment #2 | TCP Reverse_Shell

9. October 2017

Welcome back to my second post for the SLAE certification.

Today we are going to build a reverse_shell shellcode, and again you can find the files here.

This task is very similar to the first one, so I don't have to look up new/more information. Let's switch some syscalls and registers!
The code for socket_setup, fileDescriptors and shellExecution is the same as in our bind_shell assignment.

After the socket_setup we connect to a specific port and IP, which are also marked in the code with comments:

So let's try our new shellcode:
#1 nc -lv 11013
#2 ./reverse_shell
#3 Boom!

Now we are able to own systems behind NAT with our self-written shellcode, nice!
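Seen from the monitoring side, the order described above (socket setup, connect, file descriptor redirection, shell execution) is what a syscall trace of such a process shows. The following is an added example, not code from this post: a small Python check over constructed `strace -f` style lines, assuming the redirection is done with `dup2` and the shell is `/bin/sh` (the post's own code is not shown here, so both are assumptions; `find_socket_backed_exec` is a hypothetical name).

```python
import re

# Constructed strace -f style lines (not captured from the post's binary).
# Port 11013 is the listener port from the post; the addresses are
# documentation-range placeholders.
SAMPLE_TRACE = """\
4242 socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
4242 connect(3, {sa_family=AF_INET, sin_port=htons(11013), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
4242 dup2(3, 2) = 2
4242 dup2(3, 1) = 1
4242 dup2(3, 0) = 0
4242 execve("/bin/sh", ["/bin/sh"], NULL) = 0
5151 socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
5151 connect(3, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.20")}, 16) = 0
5151 execve("/usr/bin/id", ["id"], NULL) = 0
"""

LINE = re.compile(r'^(\d+)\s+(\w+)\((.*)\)\s+=\s+(-?\d+)')
PEER = re.compile(r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([^"]+)"\)')

def find_socket_backed_exec(trace):
    """Report each execve whose stdin, stdout and stderr were all redirected
    (dup2) to a socket the same process had successfully connect()ed."""
    connected, stdio, findings = {}, {}, []   # both dicts are keyed by pid
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m or int(m.group(4)) < 0:      # skip noise and failed calls
            continue
        pid, call, args = m.group(1), m.group(2), m.group(3)
        if call == "connect":
            peer = PEER.search(args)
            if peer:
                fd = int(args.split(",", 1)[0])
                connected.setdefault(pid, {})[fd] = (peer.group(2), int(peer.group(1)))
        elif call == "dup2":
            old, new = (int(x) for x in args.split(","))
            if new in (0, 1, 2):
                # None marks a standard fd that now points at a non-socket
                stdio.setdefault(pid, {})[new] = connected.get(pid, {}).get(old)
        elif call == "execve":
            fds = stdio.get(pid, {})
            if all(fds.get(n) for n in (0, 1, 2)):
                program = re.search(r'"([^"]*)"', args).group(1)
                findings.append({"pid": pid, "program": program, "peer": fds[0]})
    return findings

if __name__ == "__main__":
    for hit in find_socket_backed_exec(SAMPLE_TRACE):
        print(hit)
```

Only PID 4242 is reported: PID 5151 also connects out and executes a program, but never points its standard file descriptors at the socket.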


This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

Student ID: SLAE-1036
