Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

More info

• New Hack Tools
• What Is Hacking Tools
• Hacker Tools List
• Hacker Tools For Pc
• Pentest Tools Subdomain
• Pentest Tools Tcp Port Scanner
• Underground Hacker Sites
• Best Hacking Tools 2019
• Hacker Tools Linux
• Hacker Tool Kit
• New Hacker Tools
• Pentest Tools Bluekeep
• Usb Pentest Tools
• Hak5 Tools
• Tools For Hacker
• Hacker Search Tools
• Blackhat Hacker Tools
• Wifi Hacker Tools For Windows
• Hacking Tools
• Hacker Tools For Ios
• Nsa Hack Tools Download
• Nsa Hacker Tools
• Hacking Tools For Kali Linux
• Hacking Tools Name
• Tools 4 Hack
• Hack Tools For Windows
• World No 1 Hacker Software
• Nsa Hack Tools Download
• Hacker Tools Linux
• Physical Pentest Tools
• Tools For Hacker
• Hacking Tools Free Download
• Hacking Tools Windows
• How To Make Hacking Tools
• Pentest Tools Free
• Hacker Tools 2020
• Hack Tool Apk No Root
• Hacking Tools Hardware
• Hacker Techniques Tools And Incident Handling
• Hack Tools Mac
• Hacker Tools Github
• Hacking Tools 2020
• Hacker Tools For Pc
• Pentest Tools Online
• Pentest Tools Find Subdomains
• Hacker Tools Hardware
• Hack Tool Apk No Root
• Pentest Box Tools Download
• Install Pentest Tools Ubuntu
• Pentest Tools Android
• Pentest Tools Website Vulnerability
• Hacking Tools Hardware
• Usb Pentest Tools
• Hacker
• Hack Tools For Mac
• Pentest Tools For Windows
• Pentest Tools Kali Linux
• Hack Apps
• Hacking Tools And Software
• Ethical Hacker Tools
• Hacker Search Tools
• Pentest Tools Alternative
• Game Hacking
• Hack Tools Pc
• Hacking Tools 2019
• Best Hacking Tools 2019
• Hacking Tools Github
• Physical Pentest Tools
• Hack Tools Online
• Underground Hacker Sites
• Hacker Tools For Mac
• Hacking Tools Kit
• What Is Hacking Tools
• New Hacker Tools
• Hacking Tools And Software
• Pentest Tools Bluekeep
• Growth Hacker Tools
• Pentest Tools Free
• Pentest Tools Free
• Pentest Automation Tools
• Hacker Techniques Tools And Incident Handling
• Ethical Hacker Tools
• Free Pentest Tools For Windows
• Underground Hacker Sites
• Hack Tools For Windows
• Github Hacking Tools
• Hack Tools For Pc
• Hacking Tools For Kali Linux
• Pentest Tools For Windows
• Nsa Hack Tools
• Ethical Hacker Tools
• Hacker Techniques Tools And Incident Handling
• Pentest Reporting Tools
• Hacking Tools 2020
• Tools For Hacker
• Top Pentest Tools
• Nsa Hacker Tools
• Hack Tools For Pc
• Hack Tools For Pc
• Hacking Tools Mac
• Hacking Tools
• Nsa Hack Tools Download
• Pentest Reporting Tools
• Hacker Tools For Windows
• Termux Hacking Tools 2019
• Hack Tools For Ubuntu
• Hacker Tools 2019
• Hacking Tools For Kali Linux
• Blackhat Hacker Tools
• Hacker
• Game Hacking
• Hacker Tools
• Tools 4 Hack
• Tools Used For Hacking
• Hacker Tools Apk
• Hack Tools Download
• Hacker Tools Hardware
• Hacker Tools Linux
• Install Pentest Tools Ubuntu
• Hack Tools Mac
• Hacker Tools Github
• Hacker Tools Windows
• Underground Hacker Sites
• Pentest Tools Alternative
• Hack Tool Apk No Root
• Hacking Tools Windows
• Ethical Hacker Tools
• Pentest Tools Website
• Black Hat Hacker Tools
• Nsa Hack Tools
• Hacking Tools And Software
• Hack Tools Github
• Nsa Hacker Tools
• Hacking Tools For Kali Linux
• Black Hat Hacker Tools
• Hack Tools For Pc
• Pentest Tools Download
• Pentest Tools List
• Hacker Tools Software
• Best Pentesting Tools 2018
• Hacker Hardware Tools
• Hack Tools For Windows
• Hacker Tools Free Download
• Nsa Hacker Tools
• Best Hacking Tools 2019
• Pentest Tools Download
• What Is Hacking Tools
• Hacking Tools 2020
• Hacking Tools For Beginners
• Hacking Tools Hardware
• Hacker Tools List
• Hacker Search Tools
• Hacker Hardware Tools
• Pentest Tools Github
• Hacking Tools For Games
• Hacking Tools Mac
• Hack Tools
• Hack Tool Apk
• Pentest Box Tools Download
• Bluetooth Hacking Tools Kali
• Pentest Tools Open Source
• Pentest Box Tools Download
• Hacking Tools 2020
• Pentest Tools Tcp Port Scanner
• Hackrf Tools
• Hacker Tools Github