aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-19 15:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update re102_section4.3.md

Browse Source
This commit is contained in:
SECURED.ORG
2017-08-09 19:33:49 -07:00
committed by GitHub
parent 06748b1fec
commit 79a3f73e9e
1 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
RE102/re102_section4.3.md
View File

@@ -31,21 +31,17 @@ There are many tools and scripts available that help you convert shellcode into
[http://www.godevtool.com/Golink.zip](http://www.godevtool.com/Golink.zip)
4. Extract golink.exe
5. Create a **decrypted_shellcode.asm** file with the following instructions
```
Global Start
SECTION 'AyyLmao' write, execute,read
Start:
incbin "decrypted_shellcode.bin"
```
6.From a command line run the following command to assemble the code:
6. From a command line run the following command to assemble the code:
```
yasm.exe -f win32 -o decrypted_shellcode.obj decrypted_shellcode.asm
```
7. Now run the linker
```
golink /ni /entry Start decrypted_shellcode.obj
```
@@ -53,4 +49,4 @@ golink /ni /entry Start decrypted_shellcode.obj
Finally, open the decrypted_shellcode.exe into IDA for Section 5.
[Section 4.2 <- Back](https://securedorg.github.io/RE102/section4.2) | [Next -> Section 5](https://securedorg.github.io/RE102/section5)
[Section 4.2 <- Back](https://securedorg.github.io/RE102/section4.2) | [Next -> Section 5](https://securedorg.github.io/RE102/section5)