HowTo: ExploitDev Fuzzing

This is a short usage guide which should explain my simple wrapper for the spike fuzzer, which you can find here. For this example i used the well known vulnserver 😉 0x01 Determine possible commands A simple nc && HELP command revealing all possible commands. 0x02 Create Text File containing commands Just Copy&Paste 😉 0x03 Fire […]

SLAE Assignment #7 | Custom Cryptor

The last post for my SLAE certification is about encryption of shellcode. As usual you can find all my files on github. Nothing special in place. Pick your favourite shellcode Use my custom AES encrypter Insert the encrypted shellcode and secret AES key into the decrypter Test the decrypted shellcode in our skeleton shellcode.c file […]

SLAE Assignment #6 | Polymorphing Shellcodes

This task (pick up 3 shellcodes from Shell-Storm and use polymorphism to beat pattern matching) sounds really sophisticated but you will see it’s a very handy way for AV evasion for your shellcode. Check my github account for the files. We have to pick three random shellcodes from shell-storm. /bin/sh /bin/sh -c “ping localhost” chmod […]

SLAE Assignment #5 | Analyze Metasploit Payloads

Got time to read? This tasks was a bigger one. We have to pick 3 random metasploit payloads and analyze their shellcode. After building bind and reverse shell in the first two posts i chose the following (check all files on my github account): Exec whoami Readfile Adduser Exec whoami First I generated my shellcode […]

SLAE Assignment #4 | Custom Shellcode Encoder

Hey ho, it’s time for some low-level shellcode encoding. After going through the encoder examples of the SLAE material I build a custom one, which you can find here. At first I wrote a little python script which takes every single byte of a given shellcode and subtracts a random integer from it. In the […]