Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related posts

1. Hacking Tools 2020
2. Hack Rom Tools
3. Pentest Box Tools Download
4. Nsa Hacker Tools
5. Nsa Hack Tools Download
6. Hacking Tools Usb
7. Pentest Tools For Windows
8. Pentest Tools Website
9. Hacker Tools 2019
10. Pentest Tools Port Scanner
11. Pentest Tools Android
12. Hacking Tools For Pc
13. Install Pentest Tools Ubuntu
14. Growth Hacker Tools
15. Hacking Apps
16. Pentest Tools Windows
17. Pentest Tools Find Subdomains
18. Hacker Tools For Ios
19. Hacking Tools Software
20. Hacking Tools
21. Hack Tools For Games
22. Hacker Tool Kit
23. Hack Tools
24. Hacking Tools For Kali Linux
25. Hack Apps
26. Hacker Hardware Tools
27. Pentest Tools Apk
28. Pentest Tools
29. Github Hacking Tools
30. Tools Used For Hacking
31. Hacker Techniques Tools And Incident Handling
32. Pentest Tools Url Fuzzer
33. Nsa Hacker Tools
34. Physical Pentest Tools
35. Hacking Tools Github
36. Tools For Hacker
37. Hacking Tools Download
38. Pentest Tools Github
39. Hacker Tools Free
40. Hacking Tools Software
41. Hacking Tools For Beginners
42. Best Hacking Tools 2019
43. Hack Tool Apk
44. Easy Hack Tools
45. Hack Tools Mac
46. Tools 4 Hack
47. Ethical Hacker Tools
48. Pentest Tools Open Source
49. Hacker Tools Software
50. Pentest Reporting Tools
51. What Are Hacking Tools
52. Hacker
53. Hacker Tools Apk
54. Wifi Hacker Tools For Windows
55. Best Hacking Tools 2019
56. Hacker Tools Free
57. Pentest Tools Website
58. Hack Tools
59. Hacking Tools Name
60. Hackers Toolbox
61. Hacker Tools Free Download
62. Hacker Tool Kit
63. Hacking Tools Pc
64. Easy Hack Tools
65. Hacking Tools For Windows 7
66. Hacker Tools For Ios
67. Hacking Tools And Software
68. Hacking Tools For Kali Linux
69. Hack Website Online Tool
70. Best Hacking Tools 2019
71. Hacking Tools For Mac
72. Tools For Hacker
73. Wifi Hacker Tools For Windows
74. World No 1 Hacker Software
75. Pentest Tools
76. Wifi Hacker Tools For Windows
77. Install Pentest Tools Ubuntu
78. Hacking Tools Hardware
79. Hack Tools For Pc
80. Hacker Tools Apk
81. Hacking Tools 2019
82. Physical Pentest Tools
83. Hacking Tools Kit
84. Black Hat Hacker Tools
85. Beginner Hacker Tools
86. Hak5 Tools
87. Hacking Tools Windows
88. Pentest Recon Tools
89. Hacking Tools For Beginners
90. Hacker Tools Software
91. Hacking Tools Online
92. Hacking Tools For Kali Linux
93. Hack Tools 2019
94. Github Hacking Tools
95. Hack Tools For Ubuntu
96. Beginner Hacker Tools
97. Tools 4 Hack
98. Pentest Tools Android
99. Pentest Tools Find Subdomains
100. Hacking Tools Kit
101. Hacker Tools Mac
102. Hack Tools For Pc
103. Hackrf Tools
104. Hacker Tools Apk
105. Pentest Tools Review
106. Hacking Tools For Windows 7
107. Hacker Tools
108. Black Hat Hacker Tools
109. Hacking Tools Github
110. Hacking Tools And Software
111. Hack Tools For Pc
112. Hack Tools Mac
113. Hacking Tools Name
114. Hacker Tools For Windows
115. Hack Tools Github
116. Hacking Tools Usb
117. Nsa Hack Tools
118. Hack Tools For Mac
119. Pentest Tools Website Vulnerability
120. Hacking Tools For Mac
121. Hacking Tools For Kali Linux
122. Pentest Tools For Windows
123. Hack Rom Tools
124. Pentest Tools Website
125. Tools 4 Hack
126. Pentest Tools Bluekeep
127. Hacker Tools For Ios
128. Best Hacking Tools 2019
129. Hacking Tools For Beginners
130. New Hack Tools
131. Hack Apps
132. Hacker Tools 2020
133. Hack App
134. Hacking Tools
135. Hacker Tools Github
136. Blackhat Hacker Tools
137. Blackhat Hacker Tools
138. Blackhat Hacker Tools
139. Tools Used For Hacking
140. Tools Used For Hacking
141. Hacker Security Tools
142. Pentest Tools Apk
143. Pentest Tools Website Vulnerability
144. Pentest Tools Download
145. Hack Tools For Pc
146. Pentest Tools Alternative