INTRODUCTION
This tutorial is part of the SecurityTube Linux Assembly Expert certification.
The goal of this assignment is to study Egg Hunter Shellcode, create a Linux 32bit demo and configure it for different payloads.
The tutorial contains example source with comments. The listed source code may have formatting issues, so the best place to obtain copies is the project's GitHub repo.
This assignment builds on the previous bind shell and reverse shell assignments, so it will not reiterate explanations already covered there.
Egg Hunter Research
The problem
Generally shellcode tends to be delivered as part of an exploit against vulnerable software.
Below I have listed an example piece of software which is vulnerable to a stack overflow through the send parameter passed to it. The source code comments explain why.
First ensure your system has ASLR disabled, then compile. Note that the redirection in the original `sudo echo 0 > /proc/...` form is performed by the unprivileged shell, not by sudo, so the write is done here through `tee` under sudo instead:
target$ echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
target$ gcc…