Monday, May 29, 2023

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as where they connect. But what can we do when the emulation gets stuck at some point?

The console has many tools for interacting with the emulator as if it were a debugger, but the shellcode is not actually being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


With some shellcodes the emulator runs millions of instructions without a problem, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that at position 174 the value 0xffffffff is set.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero into 0xffffffff, and instruction 90 is the one that actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is loaded with hardcoded values, which is probably an API name.


In this case the shellcode depends on previous state and also crashes in a debugger because of the register values. This is just an example of how to proceed in cases where a shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.
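The workflow above (a write breakpoint to find the store, then a register trace to find where the stored value came from), modelled on a toy register machine. This is an added example, not scemu code or scemu output; the instruction set, program, addresses and function names are constructed for illustration.

```python
# Toy 32-bit register machine, constructed for illustration (not scemu code).
MASK = 0xFFFFFFFF

# Constructed program: eax is zeroed, decremented, then stored at [esp + 0x30].
PROGRAM = [
    ("mov", "eax", 0x41414141),
    ("store", 0x2C, "eax"),   # unrelated stack write
    ("mov", "eax", 0),
    ("dec", "eax"),           # 0 - 1 wraps to 0xffffffff
    ("store", 0x30, "eax"),   # the write the breakpoint should catch
]

def run(program, watch_addr, esp=0x1000):
    """Return (hits, eax_trace): writes to watch_addr and every change of eax."""
    regs, mem = {"eax": 0, "esp": esp}, {}
    hits, eax_trace = [], []
    for step, (op, *args) in enumerate(program, start=1):
        before = regs["eax"]
        if op == "mov":                       # mov reg, imm32
            regs[args[0]] = args[1] & MASK
        elif op == "dec":                     # dec reg, 32-bit wraparound
            regs[args[0]] = (regs[args[0]] - 1) & MASK
        elif op == "store":                   # mov dword ptr [esp + off], reg
            addr = (regs["esp"] + args[0]) & MASK
            if addr == watch_addr:            # memory breakpoint on write
                hits.append((step, mem.get(addr, 0), regs[args[1]]))
            mem[addr] = regs[args[1]]
        else:
            raise ValueError(f"unknown op {op!r}")
        if regs["eax"] != before:             # register trace
            eax_trace.append((step, op, regs["eax"]))
    return hits, eax_trace

def value_origin(hit, eax_trace):
    """Last eax change at or before the watched write (assumes eax was stored)."""
    candidates = [t for t in eax_trace if t[0] <= hit[0]]
    return max(candidates, key=lambda t: t[0], default=None)

if __name__ == "__main__":
    hits, trace = run(PROGRAM, watch_addr=0x1000 + 0x30)
    for hit in hits:
        step, old, new = hit
        print(f"step {step}: [esp+0x30] {old:#x} -> {new:#x}")
        src = value_origin(hit, trace)
        print(f"  value produced at step {src[0]} by '{src[1]}' ({src[2]:#x})")
```

The write breakpoint reports the store, while the register trace shows that the value itself was created one step earlier by the wrapping "dec".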

