
0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html
Preview meta tags from the 0xboku.com website.
Linked Hostnames
7- 8 links to0xboku.com
- 2 links totwitter.com
- 2 links towww.linkedin.com
- 1 link togithub.com
- 1 link tojekyllrb.com
- 1 link tomademistakes.com
- 1 link towww.facebook.com
Search Engine Appearance
SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
Bing
SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
DuckDuckGo
SLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
Overview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
General Meta Tags
6- titleSLAE32 Assignment 2 - TCP Reverse-Shell Shellcode - Boku
- charsetutf-8
- descriptionOverview For our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode. What is a reverse shell? A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal. After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode. Creating the Assembly Shellcode 1. Create the Socket. C Function int socket(int domain, int type, int protocol); Our C Function <socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.h SOCK_STREAM = 1 cat /usr/include/i386-linux-gnu/bits/socket.h #define AF_INET PF_INET #define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
- authorBobby Cooke
- article:published_time2019-08-14T00:00:00+00:00
Open Graph Meta Tags
6- og:typearticle
og:locale
en_US- og:site_nameBoku
- og:titleSLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
- og:urlhttps://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html
Item Prop Meta Tags
3- headlineSLAE32 Assignment 2 - TCP Reverse-Shell Shellcode
- descriptionOverviewFor our second assignment in the SLAE32 course we were tasks with creating reverse shell, shellcode.What is a reverse shell?A reverse shell is a program that is executed on a victim device, and connects to a remote host. Once the victim connects to the remote host, the victim executes an interactive shell within the connection. Input and Output of the reverse shell program is passed to the remote host, allowing the remote host to execute commands as if they were physically connected to the terminal.After writting the first bind shell, shellcode I felt I had a grasp on Assembly, and skipped right into creating the shellcode.Creating the Assembly Shellcode1. Create the Socket.C Functionint socket(int domain, int type, int protocol);Our C Function<socketcall> socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3EAX=0x66 EBX ECX[0] ECX[1] ECX[2] EAX = 0x66 = 102 System Call socketcall 102 EBX = 0x1 = socket() Value of EBX Register for socketcall to create a new socket. ECX[0] = int domain = AF_INET = PF_INET = 0x2 Finding the value for PF_INET. cat /usr/src/linux-headers-$(uname -r)/include/linux/net.hSOCK_STREAM = 1cat /usr/include/i386-linux-gnu/bits/socket.h#define AF_INET PF_INET#define PF_INET 2 We see that AF_INET is mapped to PF_INET ECX[1] - int type = SOCK_STREAM = 0x1 ECX[2] = int protocol = 0
- datePublishedAugust 14, 2019
Link Tags
3- alternate/feed.xml
- canonicalhttps://0xboku.com/2019/08/14/SLAE32_2_ReverseShell.html
- stylesheet/assets/css/main.css
Links
16- https://0xboku.com
- https://0xboku.com/2019/08/10/SLAE32_1_BindShell.html
- https://0xboku.com/2019/08/18/SLAE32_3_egghunter.html
- https://0xboku.com/2020/05/21/WebApp_PHP-FileUploadBypass.html
- https://0xboku.com/2021/07/12/ArtOfDeviceCodePhish.html