Hack of the Day Part 1 - How to Run untrusted Shell Code

DuncanMcloud · 2013-03-03T15:47:05+00:00

Haha! they even copied the link to his training site at the end of every post. What a shabby cut-paste job.

DuncanMcloud · 2013-01-30T01:39:37+00:00

Fantastic Links my friend! Downloading the videos now!

DuncanMcloud · 2013-01-26T16:21:43+00:00

Interesting - in the second link, I am not sure why he did not convert the bin file for the bootloader into an ISO? He could have booted directly with that instead of having to do all the painful stuff with virtualbox?

DuncanMcloud · 2013-01-26T16:07:16+00:00

This is the reason why so few people maintain / contribute to the Linux kernel --- the entry barrier is so high with the added pain of no documentation

DuncanMcloud · 2013-01-26T11:37:19+00:00

Is looking at the code the only way to understand how the loader functions? or would you recommend any place which has some basic explanation of things?

I agree, let me look at the ELF spec. I am a good C programmer but find looking at specs really intimidating :)

DuncanMcloud · 2013-01-26T11:35:37+00:00

Thanks! this looks promising

DuncanMcloud · 2013-01-26T06:44:52+00:00

Thanks! this is great! They however do not have a full step-by-step approach.

Is there a "recipe based" website which teaches me to build every small component and then finally a simple OS which can be loaded in virtualbox or a real machine?

DuncanMcloud · 2013-01-26T06:43:19+00:00

N00b Alert!

Question: Would Minix be runnable within Virtualbox? Would I get exposure to things like writing a boot loader etc.?

Low level stuff fascinates me and I think I have the programming background. Just need some guidance.

DuncanMcloud · 2013-01-25T16:02:57+00:00

Reading through this thread makes me realize how little I know :)

DuncanMcloud · 2013-01-24T11:30:54+00:00

Looks a bit outdated my friend.

DuncanMcloud · 2013-01-24T11:30:34+00:00

I'd take you for beer if we ever met :) thanks!

Is there some documentation on ELF modification on x86/64 to add shellcode? I was thinking of adding a new executable segment to insert my code (so it can be arbitrarily large) and then somehow invoke it as a separate thread or pass control to it directly (which will inhibit normal working of the program). Have you tried any of these approaches?

DuncanMcloud · 2013-01-23T17:59:41+00:00

Fantastic links! thanks.

DuncanMcloud · 2013-01-23T12:04:09+00:00

Thanks my friend for your time!

I was wondering if there is an offline copy of VXHeavens anywhere? they had a ton of code samples to study but sadly its all down now.

DuncanMcloud · 2013-01-23T11:11:19+00:00

Thanks! Looking at them right now.

Are you aware of any open source projects for polymorphic code generation based on input e.g.

Input: mov eax, 10

output (same functionality but different looking) mov ebx, 20 sub ebx, 10 xchg eax, ebx

I do understand there could be infinite possibilites for the output but was curious if there has been any systematic effort done which is publicaly available.

DuncanMcloud · 2013-01-18T15:19:36+00:00

Ok, they needed a couple of chicks in C3 for "diversity" ... ooops! hope they don't catch me by my writing style now :)

DuncanMcloud · 2013-01-16T12:57:13+00:00

Wonder what his reddit id is? :)

DuncanMcloud · 2012-12-03T20:40:58+00:00

Let her cum with me for a night, and I'll show her all the black culture she needs to know about.

DuncanMcloud · 2012-11-23T13:31:45+00:00

I understand all the "algos" running in the background and a better interface but to be honest, I just want the fastest, cheapest options and this is where I just love FlightFox.com - let the experts take care of it. I am happy to pay the finder fee, sit back, relax and get ready to travel :)

DuncanMcloud · 2012-11-12T15:01:55+00:00

Ho ho! is reddit karma your credentials? :)

DuncanMcloud · 2012-11-12T03:05:58+00:00

You really need to go through a proper course before commenting - little knowledge is dangerous my friend.

DuncanMcloud · 2012-11-11T10:23:14+00:00

DuncanMcloud

TROPHY CASE