aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2025-12-19 15:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update re102_section4.3.md

Browse Source
This commit is contained in:
SECURED.ORG
2017-08-09 19:33:49 -07:00
committed by GitHub
parent 06748b1fec
commit 79a3f73e9e
1 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
RE102/re102_section4.3.md
View File

@@ -31,21 +31,17 @@ There are many tools and scripts available that help you convert shellcode into
[http://www.godevtool.com/Golink.zip](http://www.godevtool.com/Golink.zip) [http://www.godevtool.com/Golink.zip](http://www.godevtool.com/Golink.zip)
4. Extract golink.exe 4. Extract golink.exe
5. Create a **decrypted_shellcode.asm** file with the following instructions 5. Create a **decrypted_shellcode.asm** file with the following instructions
``` ```
Global Start Global Start
SECTION 'AyyLmao' write, execute,read SECTION 'AyyLmao' write, execute,read
Start: Start:
incbin "decrypted_shellcode.bin" incbin "decrypted_shellcode.bin"
``` ```
6.From a command line run the following command to assemble the code: 6. From a command line run the following command to assemble the code:
``` ```
yasm.exe -f win32 -o decrypted_shellcode.obj decrypted_shellcode.asm yasm.exe -f win32 -o decrypted_shellcode.obj decrypted_shellcode.asm
``` ```
7. Now run the linker 7. Now run the linker
``` ```
golink /ni /entry Start decrypted_shellcode.obj golink /ni /entry Start decrypted_shellcode.obj
``` ```
@@ -53,4 +49,4 @@ golink /ni /entry Start decrypted_shellcode.obj
Finally, open the decrypted_shellcode.exe into IDA for Section 5. Finally, open the decrypted_shellcode.exe into IDA for Section 5.
[Section 4.2 <- Back](https://securedorg.github.io/RE102/section4.2) | [Next -> Section 5](https://securedorg.github.io/RE102/section5) [Section 4.2 <- Back](https://securedorg.github.io/RE102/section4.2) | [Next -> Section 5](https://securedorg.github.io/RE102/section5)