Monday 29 May 2023

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as the host they connect to. But what can we do when the emulation gets stuck at some point?

The console offers many ways to interact with the emulator as if it were a debugger, but the shellcode is never actually executed (its instructions are interpreted, not run natively), so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


For some shellcodes the emulator runs millions of instructions without a problem, but in this case it crashes at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: trace every memory operation with -m, or inspect a specific location with -i, which accepts register-relative expressions for the address:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that the value 0xffffffff is written at instruction 174.

We get more control by dropping into the console at the first instruction with -c 1 and setting a memory breakpoint on write.




This "dec" instruction turns the zero into 0xffffffff (decrementing 0 wraps around to -1), and instruction 90 is what actually writes the value to the stack.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is being loaded with hardcoded values, which are probably an API name:
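As an added example (not part of the original post and not scemu's own code), here is a Python helper that makes the same judgement mechanically from a register trace: it decides whether a sequence of values behaves like a counter, or whether the values decode to the ASCII dwords of an API name being built on the stack. The eax values below are constructed, not taken from drv_shellcode.bin, and the assumption that the trace lists the chunks in push order (last four bytes of the name first) is mine.

```python
import struct

# Constructed sample trace: values eax took over successive instructions, in the
# form a register tracer (such as scemu --reg eax) would report them. These are
# made-up values, not taken from drv_shellcode.bin.
SAMPLE_EAX_TRACE = [0x00000000, 0x41797261, 0x7262694C, 0x64616F4C, 0xFFFFFFFF]


def looks_like_counter(values, max_step=1):
    """True when every consecutive delta is within +/-max_step, i.e. the
    register behaves like a loop counter or index rather than a data value."""
    if len(values) < 2:
        return False
    return all(abs(b - a) <= max_step for a, b in zip(values, values[1:]))


def dword_to_ascii(value):
    """Decode a 32-bit value as the four little-endian bytes it occupies in
    memory; return the printable ASCII text, or None if it is not text."""
    raw = struct.pack("<I", value & 0xFFFFFFFF).rstrip(b"\x00")
    if raw and all(0x20 <= b < 0x7F for b in raw):
        return raw.decode("ascii")
    return None


def recover_stack_strings(values, min_chunks=2, push_order=True):
    """Group runs of consecutive printable dwords into strings.

    Shellcode that builds a name on the stack pushes the *last* four bytes
    first (the stack grows down), so a trace in execution order lists the
    chunks reversed; push_order=True undoes that (an assumption for this
    example). Runs shorter than min_chunks are ignored to avoid false
    positives on a single word-sized value that happens to be printable."""
    strings, run = [], []

    def flush():
        if len(run) >= min_chunks:
            chunks = reversed(run) if push_order else run
            strings.append("".join(chunks))
        run.clear()

    for v in values:
        text = dword_to_ascii(v)
        if text is None:
            flush()  # a non-text value (0, 0xffffffff, ...) ends the run
        else:
            run.append(text)
    flush()
    return strings


def classify_register_trace(values):
    """Summarise what a traced register seems to be doing."""
    if looks_like_counter(values):
        return "counter"
    names = recover_stack_strings(values)
    if names:
        return "stack string: " + ", ".join(names)
    return "unknown"


if __name__ == "__main__":
    print(classify_register_trace(SAMPLE_EAX_TRACE))  # stack string: LoadLibraryA
```

Feed it the values from a --reg trace and a run of printable dwords surfaces the API name directly; a run of values stepping by one flags a counter instead. Note that 0xffffffff decodes to no text, which is exactly why it stands out as a value that should have been a pointer or a length.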


In this case the shellcode depends on a previous state and crashes in a debugger too because of the register values. This is just an example of how to work through cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

