Emulating Shellcodes - Chapter 1

 There are many basic shellcodes that can be emulated from the beginning from the end providing IOC like where is connecting and so on. But what can we do when the emulation get stuck at some point?

The console has many tools to interact with the emulator like it was a debugger but the shellcode really is not being executed so is safer than a debugger.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin -vv 

In some shellcodes the emulator emulates millions of instructions without problem, but in this case at instruction number 176 there is a crash, the [esp + 30h] contain an unexpected 0xffffffff.

There are two ways to trace the memory, tracing all memory operations with -m or inspecting specific place with -i which allow to use registers to express the memory location:

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  -i 'dword ptr [esp + 0x30]'

Now we know that in position 174 the value 0xffffffff is set.

But we have more control if we set the console at first instruction with -c 1 and set a memory breakpoint on write.

This "dec" instruction changes the zero for the 0xffffffff, and the instruction 90 is what actually is changing the stack value.

Lets trace the eax register to see if its a kind of counter or what is doing.

target/release/scemu -f ~/Downloads/shellcodes_matched/drv_shellcode.bin  --reg eax 

Eax is not a counter, is getting hardcoded values which is probably an API name:

In this case this shellcode depend on previous states and crash also in the debugger because of  register values. this is just an example of how to operate in cases where is not fully emulated.

In next chapter will see how to unpack and dump to disk using the emulator.

Related articles

• Hacker
• Best Hacking Tools 2020
• Best Hacking Tools 2020
• Hacking Tools Kit
• Hacking Tools Windows 10
• Hack Tools 2019
• Hack Rom Tools
• Hacking Tools Hardware
• Hacking App
• Hacker Techniques Tools And Incident Handling
• Hacker Tools Free Download
• Hacking Tools And Software
• Hacking Tools Online
• Hacker Tools Apk Download
• Tools Used For Hacking
• Hack Tools For Windows
• Hacking Tools Github
• Hack Tools
• Pentest Tools Port Scanner
• Hacking Tools For Windows Free Download
• Hacking Tools
• Hacker Tools Software
• Hacker Techniques Tools And Incident Handling
• Install Pentest Tools Ubuntu
• Hacker Tools Mac
• Hack Tools Online
• Game Hacking
• Pentest Tools Online
• Tools Used For Hacking
• Hack Tools For Mac
• What Is Hacking Tools
• Hacking Tools For Pc
• Pentest Tools Alternative
• Hack Tools Download
• Pentest Box Tools Download
• Hacking Tools Online
• Hacker Tools For Ios
• Hack Apps
• Pentest Reporting Tools
• Hackers Toolbox
• Nsa Hacker Tools
• Hacker Security Tools
• Hacker Tools Software
• Hacking Tools Software
• Hacking Tools For Pc
• Hacking Tools Usb
• Hacking Tools And Software
• Growth Hacker Tools
• Kik Hack Tools
• Github Hacking Tools
• Best Pentesting Tools 2018
• Hacker Tools Free
• Hack Tool Apk
• Hack Tools 2019
• Hacker Tools Software
• Pentest Tools Tcp Port Scanner
• Pentest Tools Alternative
• Hacker Tools Online
• Hacking Tools For Kali Linux
• Hack Tool Apk No Root
• Hack Apps
• Hacker Tools Online
• Hacking Tools 2020
• Hacking Tools Github
• How To Install Pentest Tools In Ubuntu
• Best Hacking Tools 2020
• Top Pentest Tools
• Pentest Tools Port Scanner
• Tools 4 Hack
• Hack Tools 2019
• Hack Tools Mac
• Pentest Tools Website
• Hacks And Tools
• Pentest Tools For Mac
• Pentest Tools Kali Linux
• Hacking Tools Online
• Hacking Tools For Mac
• Hacking Tools Usb
• Easy Hack Tools
• Pentest Tools Framework
• Black Hat Hacker Tools
• Game Hacking
• Hack App
• World No 1 Hacker Software
• Hack Tools Github
• New Hack Tools
• How To Hack
• Hacking Tools
• Hacks And Tools
• Best Hacking Tools 2019
• Hack Tools Pc
• Hacking Tools Windows
• Hacker Tools Software
• What Is Hacking Tools
• Nsa Hack Tools
• Hacking Tools For Kali Linux
• Bluetooth Hacking Tools Kali
• Pentest Tools Framework
• Hacker Tools Free
• Hacker Tools
• Hacker Tools Apk
• Hacking App
• Hacker Tools Software
• Hack And Tools
• Top Pentest Tools
• Github Hacking Tools
• Easy Hack Tools
• Hack Tools For Mac
• Pentest Tools Alternative
• Hacker Tools 2019
• Hacking Tools Usb
• Hacking Tools For Pc
• Hacking Tools Windows 10
• Hacker Tools Mac
• Hack Tools
• Wifi Hacker Tools For Windows
• Hack Apps
• Best Pentesting Tools 2018
• Hacker Tools For Mac
• Hacking Tools For Pc
• Blackhat Hacker Tools
• World No 1 Hacker Software
• Hacker Tools Mac
• Hack Tools Online
• Hacker Tools Windows
• Hacking Tools For Pc
• Ethical Hacker Tools
• Blackhat Hacker Tools
• Hacker Tools Apk
• Hacker Tools Software
• Hacking Tools
• Hackrf Tools
• Hacking Tools Windows
• Hacking Tools For Windows
• Tools Used For Hacking
• Hacking Tools Hardware
• Hacks And Tools
• Pentest Tools Nmap
• Hacker Security Tools
• Hacking Tools And Software
• Hack Rom Tools
• Pentest Tools Windows
• Hack App
• Hacking Tools For Pc
• Pentest Tools Download
• Pentest Tools Website Vulnerability
• Hacking Tools For Mac
• Hacker Tools Hardware
• Bluetooth Hacking Tools Kali
• Hacker Tools Apk Download
• Kik Hack Tools