Hawk - Hack The Box
Linux / 10.10.10.102
hackthebox drupal
Recent Posts
Msfvenom shellcode analysis
This blog post provides an analysis of various common shellcodes generated by the msfvenom utility which is part of Metasploit.
slae assembly encodingSmasher - Hack The Box
Linux / 10.10.10.89
hackthebox binary exploitCustom shellcode encoder
A shellcode encoder can be used for different purposes such as modify an existing shellcode to make it harder to detect by AV engines or simply avoid bad characters (such as null-bytes).
slae assembly encodingEgghunter Linux Shellcode
An egghunter can be useful in situations where the buffer space the attacker controls is limited and doesn’t allow for a full shellcode to be placed on the stack. The egghunter acts as a staged payload: the smaller payload which is executed first looks through the entire process memory space for a marker (the egg) indicating the start of the larger payload. Once the egg is found, the stager jumps to the memory address following the egg and executes the shellcode.
slae assembly egghunterTCP reverse shellcode
A TCP reverse shell connects back to the attacker machine, then executes a shell and redirects all input & output to the socket. This is especially useful when a firewall denies incoming connections but allows outgoing connections.
slae assembly tcp reverse shellcodeTCP bind shellcode
A bind shellcode listens on a socket, waiting for a connection to be made to the server then executes arbitrary code, typically spawning shell for the connecting user. This post demonstrates a simple TCP bind shellcode that executes a shell.
slae assembly tcp bind shellcode