SQLAlchemy and MySQL server has gone away (error 2006)

I encountered a problem with MySQL and SQLAlchemy when trying to run a large insert. Considering other inserts were working perfectly, it made me suspect that there was a threshold in place which would not pass the large commit. I looked at the different settings and finally found out it was due to a too-small max_allowed_packet value. I increased the value to 64M, which solved my problem.

SLAE Assignment 7: Custom Crypter

This assignment is the 7th assignment in the SecurityTube Linux Assembly Expert certification exam. The goal was to write your own crypter in any language you wanted. I decided to write an AES crypter in C (I have almost no experience in C). I got a better grasp on C principles (I made some mistakes) and realized how spoiled we are when we are able to use languages like Python or Java.

SLAE Assignment 6: Creating polymorphic versions of existing Shellcode

This is the sixth and for me final SLAE assignment before I will hand in everything (and hopefully get certified). The assignment consisted of generating polymorphic versions of shellcode found on shell-storm.org. I took three examples, the first adds a root account to /etc/passwd, the second

SLAE Assignment 5: Analyzing msfpayload shellcode

The fifth assignment for completing the SecurityTube Linux Assembly Expert is analyzing three different msfpayloads using libemu, gdb and ndisasm. I decided to go with an execve, TCP shell and reverse TCP shell payload. The goal is to understand how these payloads are constructed, how they work and what they do. The benefit of analyzing shellcode yourself is that you learn new techniques by looking at different shellcodes. Below you can find my three analyses.

SLAE Assignment 4: Custom Encoder

This post is about my custom shellcode encoder which I baptised Kaiten Suwappa. It's a simple encoder which rotates and swaps bytes to obfuscate the shellcode. I wrote this as my 4th assignment for the SecurityTube Linux Assembly Expert course.

SLAE Assignment 3: Egg Hunter Shellcode

The third assignment for the SecurityTube Linux Assembly Expert exam was to explore egghunter shellcode. An egghunter is a two-stage shellcode which has one part located randomly somewhere in memory and another part which gets executed and goes looking for the other part. Egghunting works by traversing all of the memory and then executing the shellcode when it finds a certain pattern. I've made a list of resources where you can read up on egghunting; some of it is for Windows and some for Linux. I've also written my own implementation, which can be found below.

SLAE Assignment 2: Writing Reverse TCP Shellcode

This is the first assignment in the SecurityTube SLAE series. The assignment consists of writing your own reverse TCP shell. I wrote mine based on the analysis I made in a previous assignment. I also wrote a wrapper in Python which generates the shellcode containing a custom IP and port.

SLAE Assignment 1: Writing your own Bind TCP Shellcode

This is the first assignment in the SecurityTube SLAE series. The assignment consists of writing your own bind TCP shell. I've compiled a list of resources I used to better understand how this works, and I also took parts of other people's shellcode which make your code better. My code included below is what I wrote; it's far from optimal, as there are ways to compact the code so the length of the shellcode would be lower. Personally I wouldn't use my shellcode as there are tons of shorter and better variants available; however, you are free to use it for whatever you want.

Passing arguments to execve using the stack method

I'm almost finished with the SecurityTube SLAE32 videos. I've been slacking a little lately on getting this course done, so I'm now trying to finish up so I can do the exam. The current assignment is how one can pass arguments to execve. For instance, if you are running shellcode which runs "ls -l", how do you pass the "-l" as an argument? Well, read on and find out.