Assembly Language and Shellcoding on Linux - Part 1 (Introduction)


I've been working my way through the SecurityTube Linux Assembly Expert course for the past few days.

The final exam for the course consists of writing a series of blog posts to cover seven assignments set out for the students (me) to complete.


The assignments are as follows:

  1. Create Bind TCP Shellcode
    • Shellcode binds to a port
    • Executes a shell on an incoming connection
    • Port number should be easily configurable
  2. Create Reverse TCP Shellcode
    • Shellcode connects to IP and port
    • Passes a shell on connection
    • IP and port number should be easily configurable
  3. Egg Hunter Shellcode
    • Create Egg Hunter Shellcode
    • Configurable for different payloads
  4. Custom Encoding Schemes
    • Create a custom Shellcode encoder
    • Encode a stack based execve shell using the custom encoder
  5. Analysing Metasploit Payloads
    • Analyse at least 3 payloads provided by Metasploit
  6. Polymorphic Shells
    • Select 3 shells from Shell-Storm
    • Modify shells to be polymorphic
    • New Shellcode must not be >150% in size from the original
  7. Create a Custom Crypter
    • Encrypts and Decrypts Shellcode


Over the next few days I will be posting up my assignments. Hopefully they will help some people with their learning. I'm not saying they will be perfect, and I welcome any feedback/advice if anyone spots anything wrong or has any suggestions.


All the code used in the blog posts will be shared in my GitHub repository.

All code will be provided under Creative Commons Zero 1.0.

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

Student ID: SLAE-734