Archive for July, 2011

Writing Self modifying shellcode

July 31st, 2011 1 comment


As I am currently working on shellcoding, I thought of writing self-modifying shellcode. This kind of behaviour is normally seen in malware, packers, etc., where the code gets modified by its other instructions. Let's have a look at how to do so:


I will take the example of a MessageBox shellcode that I prepared earlier. Using it as a basis, I will write the self-modifying code. The shellcode for MessageBox looks like:


004040A0 31DB       XOR EBX,EBX ;Zero the EBX

004040A2 68 47474700       PUSH 0x00474747 ;PUSH "GGG"

Read more…

Categories: MalwareAnalysis Tags:

Writing Shellcode

July 31st, 2011 No comments

The WinExec shellcode (NASM)


[Section .text]



global _start



JMP GetCmd


POP EBX ;Holds the Pointer to the command string to be executed using WinExec

MOV ECX,1 ;Parameter 2 for WinExec SW_SHOWNORMAL

PUSH ECX ;Push the 2nd param on the stack

PUSH EBX ;Push the first Param

XOR EBX,EBX ;Zero the EBX register

MOV EBX,0x7c86114d ;WinExec address. found it using Arwin utility

CALL EBX ;Call the WinExec


Read more…

Categories: MalwareAnalysis Tags:

Basics of Active Directory

July 31st, 2011 1 comment

Active Directory:

Overview: Active Directory (AD) is a directory service created by Microsoft. Active Directory provides the means to manage the identities and relationships that make up the organization's network. Active Directory gives you the out-of-the-box functionality needed to store all information and settings for a deployment in a central database, and allows administrators to assign policies and to deploy and update software.

Active Directory uses a number of standardized protocols to provide a variety of network services, including:

  • Lightweight Directory Access Protocol (LDAP), the industry-standard directory access protocol, compatible with many management and query applications. Active Directory supports LDAPv3 and LDAPv2.
  • Optional Kerberos-based authentication.
  • DNS-based naming and other network information.

Active Directory Benefits:

  • Integration with DNS: Active Directory uses the Domain Name System (DNS). DNS is an Internet standard service that translates human-readable computer names (such as to computer-readable numeric Internet Protocol (IP) addresses (four numbers separated by periods). Read more…

Reading your Mind

July 31st, 2011 1 comment

This is a small mind-reading game. You have to think of a number between 1 and 63 (including 1 and 63). Some lists will be shown to you, and you have to tell me in which of the lists your number appears, and I'll tell you the number that is in your mind.
Read more…

Application Security – The Basics

July 28th, 2011 2 comments

The Institute for Security and Open Methodologies (ISECOM) defines security as “a form of protection where a separation is created between the assets and the threat”.
Security in general has many categories: it can be the security of physical assets like a home, an airport, or infrastructure, or some kind of political security like human security, national security, or computer security, which itself has many categories.

Read more…

Client Side Exploits Using PDF

July 28th, 2011 No comments
