Hi ;) Following our last 'quick intro', with its example of hello_world code in ASM on Linux, this time we'll try to create something else. Here we go...
This time we'll start here:
Our environment looks exactly the same as we prepared it for the previous journey - 'quick intro' - so Ubuntu 20.04 (with nasm installed using apt) should be fine.
If everything is ready we can continue directly here with a new (asm) file.
I decided it is nice to use "some automatically generated shellcode" (like from the MSF or simply using your "bash-fu" ;)) but it will also be nice to prepare one step by step from zero. So here we go. :)
(With our 'new asm file') we can continue (according to our last example) here:
As you can see "the idea" (of coding in ASM ;]) is "simple" ;D
"Just put a proper value in a proper register", isn't it? ;>
(Hint: "maybe".) So, for now, let's think about creating "our own shellcode". What does that mean? Simply run /bin/sh using ASM.
But why?
(Hm... "Question's always 'how'" ;))
Well. I believe it's "good to know" what tool(s) you can use to 'generate a fast shellcode' if you need it. But on the other hand it's also "nice and cool" to understand how those things work in the background (at least "in my opinion" ;)).
So - let's start (similar to the 1st example) with the idea we'd like to "implement" in our shellcode. "/bin/sh" ;]
For our (basic) needs it will be a simple 'execve-shellcode'. Let's start here and use the same "skeleton" as we used before. We'll modify it a bit to use execve().
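The call that an 'execve-shellcode' boils down to, written in C as an added example (not code from the original post), with the register each argument lands in noted in the comments. It assumes x86-64 Linux, which the post does not state; `run_sh` and the `exit 7` input are names and values constructed for this illustration.

```c
/* Added example: the execve() call behind an "execve-shellcode".
 * Assumption: x86-64 Linux. 32-bit x86 uses int 0x80 with other
 * syscall numbers and registers. */
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: fork, let the child replace itself with /bin/sh
 * through a raw execve syscall, return the shell's exit status
 * (-1 on any error). */
int run_sh(const char *script)
{
    /* argv must be a NULL-terminated pointer array; argv[0] is the name. */
    char *const argv[] = { "sh", "-c", (char *)script, NULL };

    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* x86-64 syscall ABI, i.e. "a proper value in a proper register":
         *   rax = SYS_execve (59)   syscall number
         *   rdi = "/bin/sh"         const char *pathname
         *   rsi = argv              char *const argv[]
         *   rdx = NULL              char *const envp[] (empty environment)
         * syscall(2) loads these registers and executes `syscall`. */
        syscall(SYS_execve, "/bin/sh", argv, NULL);
        _exit(127);             /* reached only if execve failed */
    }

    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample input: a shell command that just exits with 7. */
    printf("SYS_execve = %d, shell exit status = %d\n",
           (int)SYS_execve, run_sh("exit 7"));
    return 0;
}
```

Running the binary under `strace -f -e trace=execve` shows the same three arguments as the kernel receives them.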
At this stage I should prepare a few pages about this-or-that-call and/or this-and-that-register and the purpose of it... but (after last few days of my 'refreshing journey' with ASM ;]) let's use a link I found today - so we can continue right here:
So as we can see - now it should be a little bit "easier" to (understand and) prepare a shellcode "from scratch" ;)
Checking:
So far - looks good. "Abracadabra" ;)
Let's continue below:
Now it's time to verify our super-1337-shellcode, so:
See you next time ;)