Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related articles

1. Pentest Tools Windows
2. Hack And Tools
3. Hacker Tools List
4. How To Hack
5. Pentest Tools Open Source
6. Pentest Tools For Mac
7. Hacking Tools 2019
8. Pentest Tools Windows
9. Best Pentesting Tools 2018
10. Wifi Hacker Tools For Windows
11. Hacker Tools Hardware
12. Pentest Tools Apk
13. New Hacker Tools
14. Computer Hacker
15. Hacking Tools For Windows
16. Install Pentest Tools Ubuntu
17. Pentest Recon Tools
18. How To Make Hacking Tools
19. Physical Pentest Tools
20. Install Pentest Tools Ubuntu
21. Computer Hacker
22. Hacking Tools Software
23. Hacker Tools Software
24. Hacker Tools
25. Hacking Tools Github
26. Hacker Tools For Mac
27. Hacking Tools Software
28. New Hack Tools
29. Hack Tools For Games
30. Hacker Techniques Tools And Incident Handling
31. Hacker Tools Online
32. New Hacker Tools
33. Hack And Tools
34. Hacking Tools 2020
35. Physical Pentest Tools
36. Tools For Hacker
37. Usb Pentest Tools
38. Easy Hack Tools
39. Hacker Tools Free Download
40. Hacking Apps
41. Pentest Tools For Android
42. Hacker Tools Apk
43. Nsa Hack Tools Download
44. New Hack Tools
45. Pentest Box Tools Download
46. Pentest Tools Windows
47. Hackers Toolbox
48. Pentest Tools For Windows
49. Hacking Tools For Windows 7
50. Pentest Tools For Ubuntu
51. Hacker Tools 2019
52. Best Hacking Tools 2020
53. Easy Hack Tools
54. Hacking Tools Hardware
55. Tools Used For Hacking
56. Hack Tools For Pc
57. Hacking Tools Windows
58. Hacking Tools For Kali Linux
59. Pentest Tools For Windows
60. Hack Website Online Tool
61. Hack Tools For Pc
62. Best Hacking Tools 2019
63. Hacking Tools For Games
64. Hack Tools For Games
65. Hacking Tools 2019
66. Pentest Tools Subdomain
67. Best Hacking Tools 2020
68. Hack Tools Github
69. How To Hack
70. Blackhat Hacker Tools
71. Hack Tools Download
72. Pentest Tools List
73. Hack Website Online Tool
74. Hacking Tools Mac
75. Underground Hacker Sites
76. Hacking Tools Online
77. Hacker Tools For Ios
78. How To Install Pentest Tools In Ubuntu
79. Best Hacking Tools 2020
80. Hackrf Tools
81. Hacker Tools Windows
82. Termux Hacking Tools 2019