SLAE-473 ASSIGNMENT #3 Egg Hunter Shellcode



This tutorial is part of the SecurityTube Linux Assembly Expert certification.
The goal of this assignment is to study Egg Hunter Shellcode, create a Linux 32bit demo and configure it for different payloads.

The tutorial will contain example source with comments. Listed source code may have formatting issues so best place to obtain copies is from the project’s Github repo.

This assignment will build from the previous bind shell and reverse shell assignments and so will not be reiterating explanations already covered there.

Egg Hunter Research

The problem

Generally shellcode tends to be delivered as part of an exploit against vulnerable software.

Below I have listed an example piece of software which is vulnerable to a stack overflow exploit in the send parameter passed to it. The source code comments explain why.

First ensure your system has ASLR disabled then compile

target$ sudo echo 0 > /proc/sys/kernel/randomize_va_space target$ gcc…

View original post 589 more words

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s