0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html

Preview meta tags from the 0xboku.com website.

Linked Hostnames

7

Search Engine Appearance

Google

https://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html

SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode

Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0



Bing

SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode

https://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html

Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0



DuckDuckGo

https://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html

SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode

Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0

  • General Meta Tags

    6
    • title
      SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode - Boku
    • charset
      utf-8
    • description
      Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
    • author
      Bobby Cooke
    • article:published_time
      2019-08-14T00:00:00+00:00
  • Open Graph Meta Tags

    6
    • og:type
      article
    • US country flagog:locale
      en_US
    • og:site_name
      Boku
    • og:title
      SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
    • og:url
      https://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html
  • Item Prop Meta Tags

    3
    • headline
      SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
    • description
      OverviewFor our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode.What is a reverse shell?A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal.After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode.Creating the Assembly Shellcode1. Create the Socket.C Functionint socket(int domain, int type, int protocol);Our C Function<socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.hSOCK_STREAM = 1cat /usr/include/i386-linux-gnu/bits/socket.h#define AF_INET PF_INET#define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
    • datePublished
      August 14, 2019
  • Link Tags

    3
    • alternate
      /feed.xml
    • canonical
      https://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html
    • stylesheet
      /assets/css/main.css

Links

16