The Right Tool For The Job

Recently, I embarked on the Intro to Assembly Language module on Hack the Box. Coming from a background in C, I thought I had a good grasp of compiled languages. However, I quickly realized that Assembly is an entirely different beast. While Hack the Box is an excellent platform, it's not necessarily the ideal place to learn programming languages in depth.
But the module was also the last one I needed to complete the SOC Analyst Prerequisites Skill Path and, I don't know about you, but I hate having unfinished business.
And then I reached the last skills assessment:

We are performing a pentest, and in a binary exploitation exercise, we reach the point where we have to run our shellcode. However, only a buffer space of 50 bytes is available to us. So, we have to optimize our assembly code to make it shellcode-ready and under 50-bytes to successfully run it on the vulnerable server.
Tips

  1. Refer to the "Syscalls" section to understand what the assembly code is doing.
  2. Refer to the "Shellcoding Techniques" section to be able to optimize the assembly code.

The above server simulates a vulnerable server that we can run our shellcodes on. Optimize 'flag.s' for shellcoding and get it under 50 bytes, then send the shellcode to get the flag. (Feel free to find/create a custom shellcode)

After spending two frustrating days attempting to optimize assembly code manually, I had an epiphany. The mindset of a hacker differs from that of a traditional programmer. Sometimes, the most efficient solution is choosing the right tool rather than writing code from scratch.
I turned to MSFVenom, a powerful payload generation tool. Here's the magic command:

msfvenom -p 'linux/x64/exec' CMD='cat /flg.txt' -a 'x64' --platform 'linux' -f 'hex'

where:
-p 'linux/x64/exec' - select the payload to execute commands
CMD='cat /flg.txt' - specify the command to run
-a 'x64' - define the system architecture
--platform 'linux' - set the target OS
-f 'hex' - choose the output format
Result?

The final step was simple: use netcat to send the shellcode to the target machine. Boom! Flag obtained.
Hacking is fundamentally about tool selection and strategic thinking, not just raw coding skills. Sometimes, the most elegant solution is the simplest one.

Something to read: Trent Dalton - Boy Swallows Universe
Something to listen to: Papir - IX
Something to watch: Nouvelle Vague