Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related articles

• Hacker Search Tools
• Hacks And Tools
• Hack Tools Pc
• Pentest Box Tools Download
• Best Hacking Tools 2020
• Pentest Tools Bluekeep
• Hacking Tools For Kali Linux
• Pentest Tools Tcp Port Scanner
• Hacking Tools Kit
• Hack Tools For Games
• Pentest Tools Linux
• Pentest Tools Bluekeep
• Hack Tools For Games
• New Hacker Tools
• Pentest Tools Android
• Pentest Tools Bluekeep
• Nsa Hack Tools Download
• Hacking Tools And Software
• Bluetooth Hacking Tools Kali
• Hacker Tools For Pc
• Hacker Tools
• Free Pentest Tools For Windows
• Pentest Tools For Android
• Install Pentest Tools Ubuntu
• Pentest Tools Download
• Hack Tools For Pc
• Pentest Tools Website Vulnerability
• Hackers Toolbox
• Hacker Tools For Pc
• Blackhat Hacker Tools
• Hack Tools
• Hacker Tools Online
• Computer Hacker
• Hack And Tools
• Best Hacking Tools 2019
• Install Pentest Tools Ubuntu
• Pentest Tools Nmap
• Hacking Tools For Games
• Hacker Tool Kit
• Hack Tools Pc
• Hacking Apps
• Hacker Tools For Windows
• Hacking Tools Mac
• How To Make Hacking Tools
• Hack Tools Mac
• Pentest Tools Open Source
• Hacker Tools For Pc
• Pentest Tools Nmap
• Hack Tools Download
• World No 1 Hacker Software
• Blackhat Hacker Tools
• Pentest Tools Free
• Hacking Tools For Games
• Hacker Tools Hardware
• Hacking Tools Pc
• Pentest Tools Online
• Hack Tools
• New Hacker Tools
• Hack Tools For Games
• Pentest Recon Tools
• Hacking Tools For Windows 7
• Pentest Tools Framework
• Pentest Tools Online
• Easy Hack Tools
• Hacking Tools For Windows Free Download
• Hack Tools For Ubuntu
• Hacker Tools List
• Hacking Tools Online
• Hacking Tools Hardware
• Hack Tools For Games
• Hacking Tools 2019
• Hack Tools Download
• New Hacker Tools
• Computer Hacker
• Hack Tools Github
• Pentest Tools Review
• Nsa Hack Tools
• Hacks And Tools
• Tools For Hacker
• Hacking Tools For Kali Linux
• Hacking Tools 2020
• Nsa Hack Tools Download
• Hack Tool Apk No Root
• Growth Hacker Tools
• Hacker Tools For Mac
• Github Hacking Tools
• Hacker Tools Linux
• Best Hacking Tools 2019
• Hacker Tools Software
• Hacker Tools Software
• Tools 4 Hack
• Hacking Tools Github
• Hacker Tools Github
• Hak5 Tools
• Pentest Tools Website Vulnerability
• Hacking Tools For Beginners
• Hacking Tools 2019
• Growth Hacker Tools
• Hacking Tools Online
• Hack Tools Github
• Hacking Tools Usb
• Hacker Tools Linux
• Pentest Tools Apk
• Easy Hack Tools
• Pentest Tools Url Fuzzer
• Hacker Tools Hardware
• Underground Hacker Sites
• Pentest Tools Website Vulnerability
• Hacking Tools Free Download
• Hack Apps
• Hacker Tools 2019
• Hacking Tools For Beginners
• Pentest Tools Find Subdomains
• Pentest Tools Apk
• Pentest Tools Github
• Hack Tools 2019
• Physical Pentest Tools
• How To Hack
• How To Install Pentest Tools In Ubuntu
• Hacker Tools For Pc
• Best Hacking Tools 2019
• Hacker Tools Linux
• Pentest Tools Alternative
• Hacker Tools Linux
• Hacker Tools Windows
• Pentest Reporting Tools
• Hacker Tools For Pc
• Black Hat Hacker Tools