x86 Assembly Language and Shellcoding on Linux

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification.

Student ID: PA-7449

Goal

The goal of this assignment is to create a custom crypter for a shellcode in any language.

Methods

I used Python 3 and the Fernet encryption method. To execute the shellcode I relied on hacktracking’s awesome guide on executing shellcode in Python.

Code

The code is very simple; I’m only using 3 functions:

  • exec(payload)
  • encrypt(plaintext)
  • decrypt(ciphertext)

The first function does the execution: it loads the payload into memory and executes it.

The second and third functions take care of the encryption/decryption of the payload. I used Fernet because the algorithm only requires the key and takes care of everything else for you.

Other than these three functions, only the basic I/O handling is implemented.
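What Fernet handles beyond the key is visible in the token it produces. The following added example, which is not from the original post or its crypter.py, splits a Fernet token into the fields defined by the Fernet spec and checks its HMAC against a recovered key, so an analyst can triage such a blob without decrypting or running anything. The function names, key and token are constructed for illustration.

```python
import base64, hashlib, hmac, struct
from datetime import datetime, timezone

def parse_fernet_token(token: str) -> dict:
    """Split a Fernet token into its fields without decrypting it."""
    raw = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
    # Layout: version 0x80 (1) | timestamp (8, big-endian) | IV (16)
    #         | AES-128-CBC ciphertext (16*n) | HMAC-SHA256 (32)
    if len(raw) < 1 + 8 + 16 + 16 + 32 or raw[0] != 0x80:
        raise ValueError("not a Fernet token")
    ciphertext = raw[25:-32]
    if len(ciphertext) % 16:
        raise ValueError("ciphertext is not a whole number of AES blocks")
    (ts,) = struct.unpack(">Q", raw[1:9])
    return {
        "created": datetime.fromtimestamp(ts, tz=timezone.utc),
        "iv": raw[9:25],
        "ciphertext": ciphertext,
        "signed": raw[:-32],   # everything the HMAC covers
        "hmac": raw[-32:],
    }

def hmac_matches(token: str, key: str) -> bool:
    """True if the given (e.g. recovered) Fernet key signed this token."""
    key_bytes = base64.urlsafe_b64decode(key)
    if len(key_bytes) != 32:
        raise ValueError("a Fernet key decodes to 32 bytes")
    signing_key = key_bytes[:16]   # the other 16 bytes are the AES key
    fields = parse_fernet_token(token)
    expected = hmac.new(signing_key, fields["signed"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, fields["hmac"])

def constructed_sample() -> tuple:
    """Build a constructed key and a structurally valid token (filler ciphertext)."""
    key_bytes = bytes(range(32))
    body = b"\x80" + struct.pack(">Q", 1700000000) + bytes(16) + b"\xaa" * 32
    mac = hmac.new(key_bytes[:16], body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(key_bytes).decode(),
            base64.urlsafe_b64encode(body + mac).decode())

if __name__ == "__main__":
    key, token = constructed_sample()
    info = parse_fernet_token(token)
    print(token[:8], info["created"].isoformat(), hmac_matches(token, key))
```

Because the version byte is 0x80 and the high bytes of the timestamp are zero, Fernet tokens begin with "gAAAAA", which makes them easy to search for in scripts, and the embedded timestamp records when the payload was encrypted.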

Usage:

python ./crypter.py <encrypt/decrypt> <payload/encrypted payload>

When an encrypted payload is fed in, the script decrypts the payload and tries to execute it; otherwise, the plaintext payload is encrypted and printed to stdout.

Source:

https://github.com/fuzboxz/SLAE/blob/master/assignments/crypter/crypter.py

Final Thoughts

Python is awesome, Fernet is easy to use. A+++.

Again, all the code is on my GitHub, and if you want to be informed about new posts, just follow me on Twitter at @fuzboxz.