Achal Tiwari (achaltiwari.hashnode.dev), Jul 22, 2024: ShellCode 1.0. Hey there! Today, we're diving into the fascinating and somewhat intimidating world of shellcode. If you've ever wondered how hackers manage to take control of a compromised machine, shellcode is often a big part of the answer. Let's break it down to... Tag: Malware

Corey Gardner (coreyscorner.hashnode.dev), Oct 25, 2023: Basic Concepts of x86 Shell Code. One of my favorite quotes of all time comes from Jon Erickson's Hacking: The Art of Exploitation: "Shellcode is injected into a running program, where it takes over like a biological virus inside a cell." I studied molecular biology in college and t... Tag: shellcode

Noel Osiro (cybersahara.hashnode.dev), Jul 15, 2023: Everything you need to know to start coding your own shell. Process: A process is an executing program with a unique process ID (PID). The PID is an integer value used by the operating system for process management, resource allocation, and inter-process communication. PPID, or Parent Process IDentifier, repre... Series: Building your own UNIX command interpreter. Tag: unix

Stackzero (stackzero.hashnode.dev), Jul 5, 2023: How to code shellcode runner for your malware analysis. The question that might come naturally after reading this title is: Why should you know how to code a shellcode runner for your malware analysis? Malware analysis is a dark art. Every time you conduct a routine analysis, you get a surprise. Often, you ... (27 reads) Tag: shellcode

Stackzero (stackzero.hashnode.dev), Jun 30, 2023: How to embed shellcode payload into an executable. A good malware analyst has to know how to embed shellcode payload into an executable in just a few minutes, which is the best way to recognize it during analysis. Trojans or, more generally, some malware often embed shellcode within their code, in pa... (100 reads) Tag: shellcode

Joan Esteban (janestebans.hashnode.dev), Jun 16, 2023: Basic Windows AV Bypass - Part 5 - Embed and Execute the Shellcode. Now we can finally start coding our trojan. The malware we are going to use for testing is a reverse TCP shell from Metasploit. Before coding the shellcode loader, let's see if AVs can detect the reverse shell executable. To generate the reverse TCP ... (41 reads) Series: Basic Windows AV Bypass. Tag: Malware