Tuesday 7 June 2016

GSoC Week 2 : Opcoder and Windows Shellcode

Hello,

I completed the 2nd week of GSoC and it was a good one :)

This week I made an opcoder that converts assembly code to opcodes. I worked mostly with the tool, adding Windows options to it. It was made easy by a great tutorial by Ali here: https://ali-razmjoo.gitbooks.io/owasp-zsc/content/English/developers_s1.html. The second thing I did was convert the static shellcode for calc.exe to dynamic so it can execute any file. First I started writing that myself and spent a day on it, and then I came across the generate function, which was already in the tool and does the same thing, so I used that for the opcoder.

I didn't interact daily with my mentor Brian this week as I was able to do most of my work, but I interacted with Ali many times as I had questions about the tool. Whenever I ask Brian or Ali about any doubts, they reply very fast, even though they are busy with their jobs. Good to have such active mentors :).

Here are a couple of screenshots from the tool of the options and the shellcode generated.


  
(Ignore the line-by-line opcodes in the 2nd screenshot; that was a print statement :P)


I have pushed the changes to the main repo here: https://github.com/Ali-Razmjoo/OWASP-ZSC/pull/46/files. I feel that the opcoder is currently messy, but I will document it when I have all the shellcode covered; with other shellcodes coming, I think it will change a lot in the coming weeks.

I started the create directory shellcode yesterday. It was planned to be started at the end of week 2 but started in week 3. So to keep to the schedule, this week I should complete the Create Directory and Write to File shellcode. I have almost completed the create directory shellcode, as it uses the function CreateDirectory, which is already in kernel32.dll, so I hope the remaining time will be enough to complete the file shellcode, which is slightly more complicated as it requires functions like fopen and fwrite, which are present in another DLL that needs to be loaded into the process.
