
Init...

Just as everything that exists has a beginning, here is a short note to boot up this blog.

About me
When I was 15 (back in the late 1970s) I worked part-time as a computer coder for the Government. Later I studied Fortran 77 at university. I obtained a 3rd Class Power Engineering diploma from SAIT (Southern Alberta Institute of Technology) in 1988. In 1989 I purchased my first PC. It was a 12 MHz 80286 IBM compatible with 2 MB of RAM.

After having a few issues with my PC (mostly with hardware, but also with software) I quickly became aware that I already knew more than the local PC repairman. I purchased several computer books over a short time frame and rapidly increased my PC expertise.

That was my start.

By 1996 I was a Network Administrator for a local Computer-Based Training facility. I have worked full-time in IT (Information Technology) ever since.

I have run my own websites since 1996. I have created my own guestbook, blog, and ecard applications in the past. In 2011 I built my own CMS, which has a foundation / framework based on security best practices. When I get time I will create one or more polished templates for it and start actually using it.

Backing up a little, in early 1990 I purchased a software development package created by Borland. It was a bundle which included Turbo Pascal, Turbo Debugger, and Turbo Assembler. I created a number of applications with Turbo Pascal, and I even taught myself Turbo Assembler and created some interesting applications using it.

In roughly 1994 or 1995 (I can't remember exactly what year), I tutored someone who was studying Turbo Assembler at Medicine Hat College as part of a computer science diploma. I helped him complete his class project (he was stuck) and he received 10 out of 10 on the project.

Well, there is some background. You can find more on my LinkedIn profile.
https://ca.linkedin.com/in/rtaylor777

Why this Blog?
I have been studying a course called "SecurityTube Linux Assembly Expert", and one of the things that I am required to do, as part of the "exam" for the certification, is to create a blog. There are 7 assignments for the exam, and I am required to create a blog post for each of them. Additionally, I am supposed to create a GitHub account and upload my code for the 7 assignments to GitHub.
https://github.com/rtaylor777

What?
For the purposes of the SLAE64 certification exam, I will be creating at least 7 blog posts on topics such as a customized (by me) Shell_Bind_TCP shellcode, a customized (by me) Shell_Reverse_TCP shellcode, an Egg Hunter shellcode created by me, a custom encoding scheme to hide a shellcode from antivirus scans, analysis of some existing shellcode in use by Metasploit, analysis of some shellcode available on the Shell-Storm website, and a custom crypter (created by me) for encrypting and decrypting a shellcode.
Student ID: SLAE64-1434
http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
http://www.securitytube-training.com/online-courses/x8664-assembly-and-shellcoding-on-linux/index.html

Thanks
Well, that is quite a bit of text for a first post. If you find any of the topics that I have been or will be blogging about interesting, please stay in touch (by checking my blog, of course).


Rob
