Sunday, January 21, 2024

Emulating Shellcodes - Chapter 1

Many basic shellcodes can be emulated from beginning to end, yielding IOCs such as the address they connect to. But what can we do when the emulation gets stuck at some point?

The console has many tools for interacting with the emulator as if it were a debugger, but the shellcode is not actually being executed, so it is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 


In some shellcodes the emulator emulates millions of instructions without problems, but in this case there is a crash at instruction number 176: [esp + 30h] contains an unexpected 0xffffffff.

There are two ways to trace memory: tracing all memory operations with -m, or inspecting a specific location with -i, which allows registers to be used to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'


Now we know that at position 174 the value 0xffffffff is set.

But we have more control if we open the console at the first instruction with -c 1 and set a memory breakpoint on write.




This "dec" instruction changes the zero to 0xffffffff, and instruction 90 is what actually changes the stack value.

Let's trace the eax register to see whether it is some kind of counter or what it is doing.
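The idea behind the write breakpoint, as an added example that is not part of the original post and is not scemu code: a toy tracer that counts instruction positions, reports each write to a watched address, and records which instruction last changed the register being stored. The three-operation instruction set and the sample program are constructed for illustration.

```python
MASK32 = 0xFFFFFFFF

def run_with_write_watch(program, watch_addr, esp=0x1000):
    """Run a toy program and return the hits on writes to watch_addr.

    Each hit is (position, old_value, new_value, origin), where origin is
    the position of the instruction that last changed the stored register.
    """
    regs = {"eax": 0, "ebx": 0, "esp": esp}
    last_writer = {}   # register -> position that last modified it
    mem = {}           # dword-granular memory, unset cells read as 0
    hits = []
    for pos, (op, a, b) in enumerate(program, start=1):
        if op == "mov":                      # mov reg, imm32
            regs[a] = b & MASK32
            last_writer[a] = pos
        elif op == "dec":                    # dec reg, wraps modulo 2**32
            regs[a] = (regs[a] - 1) & MASK32
            last_writer[a] = pos
        elif op == "store":                  # mov dword ptr [esp + a], reg b
            addr = (regs["esp"] + a) & MASK32
            old = mem.get(addr, 0)
            mem[addr] = regs[b]
            if addr == watch_addr:           # breakpoint-on-write condition
                hits.append((pos, old, regs[b], last_writer.get(b)))
        else:
            raise ValueError(f"unknown op {op!r} at position {pos}")
    return hits

# Constructed sample program (not the shellcode from the post).
SAMPLE = [
    ("mov", "eax", 0x41414141),
    ("store", 0x2C, "eax"),      # write next to the watched slot, no hit
    ("mov", "ebx", 0),
    ("dec", "ebx", None),        # 0 - 1 wraps to 0xffffffff
    ("store", 0x30, "ebx"),      # write to [esp + 0x30], hit
]

def demo():
    return run_with_write_watch(SAMPLE, 0x1000 + 0x30)

if __name__ == "__main__":
    for pos, old, new, origin in demo():
        print(f"pos {pos}: [esp+0x30] {old:#x} -> {new:#x}, "
              f"value produced at pos {origin}")
```

The hit position identifies the store, while the origin position points back at the earlier instruction that produced the bad value, which is the distinction the write breakpoint makes visible.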


target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 


Eax is not a counter; it is receiving hardcoded values, which are probably an API name:


In this case the shellcode depends on previous state and also crashes in the debugger because of the register values. This is just an example of how to proceed in cases where the shellcode is not fully emulated.

In the next chapter we will see how to unpack and dump to disk using the emulator.

