My collection of assembly
apt install nasm make mingw-w64 xxd- Each directory has an
.asmfile with the assembly. Build the.asmfile and get the opcode bytes withmake print. - If the directory has a
.cfile, copy the generated assembly bytes into it and build a test executable withmake test.
- macOS:
- Linux:
- Windows:
- Enable Windows Subsystem for Linux (WSL):
# run in an Administrator window
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux- Reboot machine
- Install Ubuntu WSL version from Microsoft Store
- Enable OpenSSH Server:
# run in an Administrator window
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'- SSH into Windows Box and start Bash shell from the
cmd.exeprompt by runningpowershellthenbash - Environment setup after installing Windows subsystem for linux (Ubuntu flavor):
# installs mingw cross-compiler into linux subsystem for compiling shellcode
sudo apt update
sudo apt upgrade
sudo apt install nasm make mingw-w64- For testing/debugging, install MinGW32. Allows for debugging of shellcode (on a default install of MinGW32, gdb will be at
/mnt/c/MinGW/bin/):
/mnt/c/MinGW/bin/gdb.exe MessageBox.exe
GNU gdb (GDB) 7.6.1
...
(gdb) p/x &shellcode
$1 = 0x403020
(gdb) b *0x403020
Breakpoint 1 at 0x403020
(gdb) r
Starting program: MessageBox.exe
[New Thread 4004.0x1514]
[New Thread 4004.0x1dc4]
Breakpoint 1, 0x00403020 in shellcode ()
(gdb)
- Fixing
Operation did not complete successfully because the file contains a virusWindows error for testing shellcode:- Open the Settings app and go to the Update & Security section. In the left pane navigate to Windows Defender and in the right pane disable Real-time protection.