Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related articles

1. Github Hacking Tools
2. Hacker Tools Apk Download
3. Hacker
4. Hacker Tools For Windows
5. Hacking Tools 2019
6. Hack Tools Mac
7. Black Hat Hacker Tools
8. Hack Website Online Tool
9. Hack Tools For Ubuntu
10. Hack Website Online Tool
11. Hacker Tools For Ios
12. Pentest Tools Url Fuzzer
13. Pentest Tools Open Source
14. Hack And Tools
15. Hack And Tools
16. Hack Tools For Mac
17. Hacking Tools For Games
18. Hack Tools Pc
19. Pentest Tools Online
20. Pentest Tools Alternative
21. Hacker Techniques Tools And Incident Handling
22. Github Hacking Tools
23. New Hack Tools
24. New Hacker Tools
25. Hacker Tools Free
26. Hacker Tools Linux
27. Hacker Tools Hardware
28. Hack Tools Mac
29. Hack Tools Pc
30. Hacking Tools For Beginners
31. Github Hacking Tools
32. World No 1 Hacker Software
33. Hacker Tools Online
34. What Are Hacking Tools
35. Pentest Tools Subdomain
36. Beginner Hacker Tools
37. New Hacker Tools
38. Pentest Tools Tcp Port Scanner
39. Android Hack Tools Github
40. Tools Used For Hacking
41. Hack Tools Github
42. Hacker Tools Apk Download
43. Github Hacking Tools
44. Hacker Search Tools
45. Hacking Tools Software
46. Hacking Tools For Beginners
47. Hack Tools For Games
48. Pentest Tools Website
49. Hack And Tools
50. Hacking Tools Software
51. Hacker Hardware Tools
52. Hacking Tools Windows 10
53. Hack Tools 2019
54. How To Make Hacking Tools
55. Hack Tools Github
56. Termux Hacking Tools 2019
57. Hack And Tools
58. Pentest Tools List
59. Android Hack Tools Github
60. Pentest Tools Framework
61. Hack Tools
62. Hacking Apps
63. Pentest Tools Free
64. Hack Tools
65. Hack Tools
66. Hacking Tools Name
67. Hacker Tools
68. Pentest Tools Find Subdomains
69. Hacking Tools For Windows Free Download
70. Hacking Tools Software
71. Pentest Tools Alternative
72. Hack Tools
73. Hacker Tools For Pc
74. Hack And Tools
75. Hack Tools Pc
76. Hacker Tool Kit
77. Hacking Tools Mac
78. Hacker Tools 2020
79. Hacking Tools For Games
80. Hack Tools For Pc
81. Pentest Tools Free
82. Pentest Tools Android
83. Hacking Tools For Kali Linux
84. Hack Tools Mac
85. Tools Used For Hacking
86. Hacker Tools Apk Download
87. Hacking Tools Software
88. How To Make Hacking Tools
89. Hacker Tools Github
90. Hacker
91. Hacking Tools Windows
92. New Hack Tools
93. Hacking Tools Hardware
94. Install Pentest Tools Ubuntu
95. Hack Tools Mac
96. Hacking Tools For Windows Free Download
97. Blackhat Hacker Tools
98. Hacking Tools For Pc
99. Pentest Tools Framework
100. Hak5 Tools
101. Easy Hack Tools
102. Hacker Tools 2019
103. Pentest Tools For Ubuntu
104. Hack Tools 2019
105. Hacker Tools Apk Download
106. Hack Tools Mac
107. Hacking Tools Pc
108. Underground Hacker Sites
109. Pentest Tools Bluekeep
110. Hack App
111. Usb Pentest Tools
112. What Are Hacking Tools
113. Pentest Tools Android
114. Hacking Tools Mac
115. Termux Hacking Tools 2019
116. Tools For Hacker
117. Hacking Tools Download
118. How To Hack
119. Hacker Security Tools
120. Hack Tools
121. Game Hacking
122. Hacking Tools For Windows Free Download
123. Hacking Tools For Games
124. Install Pentest Tools Ubuntu
125. Hacker Tools For Mac
126. World No 1 Hacker Software
127. Pentest Tools Nmap
128. Kik Hack Tools
129. Hacking Tools Pc
130. Hacking Tools For Pc
131. Hacking Tools Hardware
132. Hacking Tools 2020
133. Hacking Tools 2020
134. Hacking Tools Github
135. Hacking Tools 2020
136. Best Hacking Tools 2020
137. Hacker Tool Kit
138. Hacker Security Tools
139. Android Hack Tools Github
140. Install Pentest Tools Ubuntu
141. Hackers Toolbox
142. Game Hacking
143. Free Pentest Tools For Windows
144. Pentest Tools For Mac
145. Hack Tools Download
146. Pentest Automation Tools
147. Hacker Tools Online
148. Hacking Tools For Kali Linux
149. Underground Hacker Sites
150. Hacking Tools Github
151. Hacker Hardware Tools
152. Black Hat Hacker Tools
153. Kik Hack Tools
154. Hack Tool Apk No Root
155. Hackers Toolbox
156. Pentest Tools Free
157. Nsa Hacker Tools
158. Best Pentesting Tools 2018
159. Easy Hack Tools
160. Hack Tool Apk
161. Hack And Tools
162. Pentest Tools Framework
163. Free Pentest Tools For Windows
164. Hacking Tools Windows 10
165. Hacker Security Tools
166. World No 1 Hacker Software