Comments on 5x5 security: Fun with Shellcode
Blog author: @charleypfaff
Feed updated: 2023-10-23T12:49:50.988-07:00

Tyler (2012-02-21T07:03:08.835-08:00):
Awesome! Looking forward to that!

@charleypfaff (2012-02-21T06:09:46.061-08:00):
Tyler, thanks for the comment and the explanation. I was planning on taking this a little further in the next posts and using a sed script that converts between AT&T and Intel, and diving into other code and then some 16-bit code.

Tyler (2012-02-21T05:43:48.389-08:00):
The assembler you extracted from the shellcode page is in AT&T syntax. NASM only uses Intel syntax (which is what you are most used to seeing). This is why NASM failed to assemble it correctly - it tried to assemble it assuming it was in Intel syntax.

http://asm.sourceforge.net/articles/linasm.html has a good description of the differences in the syntax.

Great job on the post! Looking forward to many more!

@charleypfaff (2012-02-18T06:58:51.431-08:00):
Chris, good catch, I kind of breezed over that little piece. I made the changes to reflect how to get shellcode2exe. Quickly, the file is located here: http://zeltser.com/reverse-malware/shellcode2exe.py.txt

Chris (2012-02-18T06:28:39.787-08:00):
Nice article... but I don't have a shellcode2exe.py file after installing the inlineegg...