Author Archives: buffered4ever

Crypters are programs that encrypt an executable/shellcode, decrypt it at runtime and then run them. So the idea is to use a key/string to encrypt the shellcode. The encrypted shellcode will then be decrypted with the same key and then run. To understand this further we will create our custom crypter using the AES encryption […]

Anti-Virus and IDS vendors constantly create signatures for any new type of shellcode to keep their products updated to protect against attacks.  But malware developers also try and remain ahead of the game by finding new ways to evade AV/IDS . Today we will cover creating Polymorphic shellcodes that are often used to defeat signature […]

Today, we find shellcodes on various websites like shell-storm.org, exploit-db.com and other internet forums. Running shellcode without understanding the code could have catastrophic results . For instance, a shellcode could do an rm -rf  on the file system even though the comments in the shellcode indicate otherwise. Therefore, I think its important we learn whats going […]

Encoding is the process of converting data from one form to another. Encoding is very different from Encryption. Encoding converts data using an algorithm that can be easily reversed. The purpose of encoding is simply to transform data into another form which can be consumed by another system. On the other hand, Encryption is used to […]

Egghunter is shellcode that searches for an 8-byte egg that we delibrately place in memory. Once found, this egg points to a much larger space in memory where are shellcode can run. Egghunter can can be very useful in a buffer overflow situation where we control the flow of the program and cannot execute our […]

In the last post, we looked at writing the shell_bind_tcp assembly program. In this post, we will write reverse shell in assembly. Unlike bind tcp where the port is opened on the target system. Here we have a port listening on our attacker machine and the victim connects to our open port and sends us […]

Whats a bind shell? Bind tcp opens up a port on the victim’s system. When we connect to that port we get shell access to the victim’s system. Hence the term bind shell. Today we write a bindshell in assembly and generate the shellcode that will give us a bind shell. Before that lets look […]