Assembly Language and Shellcoding on Linux - Part 1 (Introduction)

Introduction

I've been working my way through the SecurityTube Linux Assembly Expert course for the past few days.

http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/

The final exam for the course consists of writing a series of blog posts to cover seven assignments set out for the students (me) to complete.


Assignments

The assignments are as follows:

  1. Create Bind TCP Shellcode
    • Shellcode binds to a port
    • Executes a shell on an incoming connection
    • Port number should be easily configurable
  2. Create Reverse TCP Shellcode
    • Shellcode connects to IP and port
    • Passes a shell on connection
    • IP and port number should be easily configurable
  3. Egg Hunter Shellcode
    • Create Egg Hunter Shellcode
    • Configurable for different payloads
  4. Custom Encoding Schemes
    • Create a custom Shellcode encoder
    • Encode a stack-based execve shell using the custom encoder
  5. Analysing Metasploit Payloads
    • Analyse at least 3 payloads provided by Metasploit
  6. Polymorphic Shells
    • Select 3 shells from Shell-Storm
    • Modify shells to be polymorphic
    • New Shellcode must not be >150% in size from the original
  7. Create a Custom Crypter
    • Encrypts and Decrypts Shellcode

Overview

Over the next few days I will be posting up my assignments. Hopefully they will help some people with their learning. I'm not saying they will be perfect, and I welcome any feedback/advice if anyone spots anything wrong or has any suggestions.


Setup

Repository
All the code used in the blog posts will be shared in my GitHub repository.
https://github.com/DeathsPirate/SLAE

All code will be provided under Creative Commons Zero 1.0


This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/

Student ID: SLAE-734