Our Awesome Services

Application Development

Phrozen develops powerful, efficient, user-friendly applications for all kinds of platforms (Microsoft Windows, MacOS, iOS) and in multiple languages (Pascal/Delphi, Python, C#, Swift/SwiftUI, Objective-C, PowerShell, etc.)

Web Development

Our web design pros create amazing-looking, highly secure websites and web applications in a variety of architectures (Python/Django, Python/Flask, NodeJS, Javascript, HTML5/CSS/LESS/SCSS)

Cyber Security

With our expert penetration testing services, you can rest assured that your valuable assets are protected.

Design

We also offer a range of design services to give your applications and websites a professional look and feel, such a logo creation, illustration, and motion design/animation.

Contact Us
Phrozen SLAE32 Certification - Papers - Phrozen
Assignment N°1 - TCP Bind Shell 14 Oct 2020

Assignment Goals (SLAE-1530)

1) Create a TCP Bindshell Shellcode for Linux x86-32.

2) The port number should be easily configurable.

3) Bonus if getting referenced in exploit-db or shell-storm.

TCP Bindshell Principle

In few words, a TCP Bindshell is a tiny server program that waits for new clients on a specific port.

When a new client connects to the server it will spawn a new shell (Ex: /bin/bash or /bin/sh) and "binds" its file descriptors stdin(0) stdout(1) stderr(2) to the new client socket.

Yes, a socket is nothing more than a file.

One infamous method to easily create a bindshell is to use Netcat as following:

root@local:# mknod /tmp/backpipe p && /bin/sh 0</tmp/backpipe | nc -lvp 443 1>/tmp/backpipe

When you connect to port 443 (with any dumb client program ex: Netcat, Telnet) you will get remote control over shell instance.

user@local:$ nc 127.0.0.1 443

Read more...
SLAE32 Bindshell TCP Shellcode NASM
1 year, 8 months ago. SLAE32 Certification