Showing posts from October, 2016

SLAE32 - Assignment 7

This is a continuation of a seven (7) part series for the SLAE32 Certification challenge. You can read the first six (6) parts here: Part 1 - Assignment 1, Part 2 - Assignment 2, Part 3 - Assignment 3, Part 4 - Assignment 4, Part 5 - Assignment 5, Part 6 - Assignment 6.

The requirements for this assignment are as follows:

- Create a custom crypter like the one shown in the "crypters" video
- Free to use any existing encryption schema
- Can use any programming language

Full code can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-7

Supplemental scripts developed for this class can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

SLAE32 - Assignment 6

This is a continuation of a seven (7) part series for the SLAE32 Certification challenge. You can read the first five (5) parts here: Part 1 - Assignment 1, Part 2 - Assignment 2, Part 3 - Assignment 3, Part 4 - Assignment 4, Part 5 - Assignment 5.

The requirements for this assignment are as follows:

- Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching
- The polymorphic versions cannot be larger than 150% of the existing shellcode
- Bonus points for making it shorter in length than original

Full code can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-6

Supplemental scripts developed for this class can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

SLAE32 - Assignment 5

This is a continuation of a seven (7) part series for the SLAE32 Certification challenge. You can read the first four (4) parts here: Part 1 - Assignment 1, Part 2 - Assignment 2, Part 3 - Assignment 3, Part 4 - Assignment 4.

The requirements for this assignment are as follows:

- Take up at least 3 shellcode samples created using Msfpayload (msfvenom) for linux/x86
- Use GDB/Ndisasm/Libemu to dissect the functionality of the shellcode
- Present your analysis

Full code can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-5

Supplemental scripts developed for this class can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

SLAE32 - Assignment 4

This is a continuation of a seven (7) part series for the SLAE32 Certification challenge. You can read the first three (3) parts here: Part 1 - Assignment 1, Part 2 - Assignment 2, Part 3 - Assignment 3.

The requirements for this assignment are as follows:

- Create a custom encoding scheme like the "Insertion Encoder" we showed you
- PoC with using execve-stack as the shellcode to encode with your schema and execute

The code for this assignment can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-4

Supplemental scripts I developed for this course can be found on GitHub here: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

SLAE32 - Assignment 3

This is part three (3) in a seven (7) part series for the SecurityTube Linux Assembly Expert 32-bit certification challenge. You can find part one (1) here: Part 1 - Assignment 1. You can read part two (2) here: Part 2 - Assignment 2.

In assignment three (3), we were given the following instructions:

- Study about the Egg Hunter shellcode
- Create a working demo of the Egg Hunter
- Should be configurable for different payloads

The full code for this assignment can be found here: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-3

Supplemental scripts can be found here: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

I must say, I really enjoyed this assignment. I had some experience with Egg Hunters during the Pentesting with Kali (PWK) course offered by Offensive Security. With my newfound assembly skills though, this offered a chance to really understand some of the assembly instructions being used. For this assignment I relied heavily on the followi

SLAE32 - Assignment 2

Welcome to part two (2) in our seven (7) part series for the SecurityTube Linux Assembly Expert 32-bit certification challenge. This blog represents the second assignment out of seven (7) and the requirements for assignment two (2) are as follows:

- Create a Shell_Reverse_TCP shellcode
- Reverse connects to a configured IP and PORT
- Execs shell upon connection
- The IP and PORT should be easily configurable

Part one (1) can be found here: https://infoseccafe.blogspot.com/2016/10/slae32-assignment-1.html

The code for this assignment can be found on GitHub at the following location: https://github.com/blu3gl0w13/SLAE32/tree/master/assignment-2

Supplemental scripts that I developed for this class can be found on GitHub at the following location: https://github.com/blu3gl0w13/SLAE32/tree/master/scripts

Compared to assignment one (1), this code was actually a lot shorter, and if we think about this a little bit, it makes a lot of sense. Instead of using four (4) different SOCKET syst

SLAE32 - Assignment 1

In preparation for the next Offensive Security certification class and challenge (CTP and OSCE), I decided to invest some time and energy into the Security Tube Linux Assembly Expert 32-bit class. That way I can have a solid foundation in understanding the finer workings of Assembly. Especially since my focus for my second Bachelor's degree was more along the lines of system administration and back-end web development instead of the programming focus of Computer Science. Still, I never stop with my learning and barely slow down at times.

This was the first assignment out of seven (7) and the requirements for assignment one (1) were as follows:

- Create a Shell_Bind_TCP shellcode
- Binds to a port
- Execs shell upon connection
- The PORT number should be easily configurable

This is a pretty standard request but I must admit the process was only somewhat familiar. I knew I could write the code pretty easily once I understood the process. For this, I had to fall back on my love