SLAE Assignment 4 – Custom Encoder

Assignment Create a custom encoding scheme like the “Insertion Encoder” we showed you PoC with using execve-­‐stack as the shellcode to encode with your schema and execute Approach So for our 4th assignment we need to create a custom encoder then decoder stub in assembly to decrypt the encoded payload and execute our shell code. For this I will be using a XANAX encoding scheme. Xor add not add xor  First we will write an encoder in python followed by the decoder in assembly. Encoder The one small gotcha within the code was the not function which creates a negative... Read more

SLAE Assignment 3 – Egg Hunters

Assignment Study about the Egg Hunter shellcode Create a working demo of the Egghunter Should be configurable for different payloads What is an Egg Hunter? A egg hunter is a small piece of code that is used to search memory for an identifying stub and then direct execution flow to the area of memory directly after the identifier (egg). This is typically useful in exploitation scenarios where available space for shellcode is not big enough to hold a full payload. In this case a small egg hunter shell code can be used to search memory for a larger shell code... Read more

SLAE Assignment 2 – Reverse Shell – Shell-code

Intro So assignment two is similar to assignment one, but this time is a reverse shell. Approach has been exactly the same, Eg C POC, Assembly than wrapper program. To be fair the assembly came a bit easier this time and wasn’t fair off working on first attempt so I’m making progress. C Reverse Shell First things first is the C proof of concept which is in fact a touch easier than the bind shell if anything be pretty straight forward to understand. Assembly Reverse Shell As before this is a direct translation of the C code into assembly. Only... Read more

SLAE Assignment 1 – TCP Bind Shell-code

Intro So part one of the challenges for Security Tube Linux Assembly Expert (SLAE) certification, TCP bind shell code. For more info on the course look here. Given my minimal knowledge of C programming at this point my intended process for this challenge is to: Identify the steps I need to take with the code Write a working C proof of concept for the task Port the C code to assembly language Compile and link to a binary and extract the working shell-code Finally work out a way of making the port number dynamic for the shell-code Identify the steps... Read more

e2m3u2bouquet 0.7

v0.7 Updated release today of the script only. This update adds the following functionality to the script Config file based settings Support for multiple providers If you are a plugin user on 0.6.3 with a single IPTV provider there is no need to upgrade to script version 0.7 (Plugin v0.7 is in the pipe line). However as probably the largest out standing feature on our list I thought it worth releasing the script alone for those that don’t mind the commandline. So script release is available here; Install Guide Download and extract the file. FTP it to /etc/enigma2/e2m3u2bouquet... Read more

FAB URL Changes

Fab Urls Changes to the new Fab new urls were made by Doug last night (12/08/2017) However due to changes in the way we handle providers in later versions of the script you need to be on version >= 0.6 of the script or plugin to receive these changes. See here or here to download the latest version. Also please note FAB continue to be blocked by the current court directives despite the change in URLs so do not expect service during EPL matches If you’re looking to setup a VPN on your enigma2 box there’s a guide available on... Read more

Community Guides – E2m3u2bouquet

Community Guides Our old friend Tommy has an excellent guide to using the plugin version 7 upwards on his blog, see the below link for further information Older Guides for earlier versions that may still contain useful information below: Head Melted has done a nice video install guide on YouTube Enigma2 IPTV Bouquets with EPG ipk install , Suls Script removal & ipk install. quick guide. Dsayers Guide to installing and configuring the plugin over on Techkings Suls e2m3u2bouquet 0.6 IPTV Bouquet MakerMaker plugin  

E2m3u2bouquet Help Thread

Help Thread Common problems and resolutions for E2m3u2bouquet. “Permission denied” attempting to run the script Ensure the script is executable, eg run (in the folder the script is in) chmod 777 then run the script as per instructions or run the script via python python -n PROVIDER -u USERNAME -p PASSWORD EPG is not working Ensure you have enabled the source in epg-importer and run a manual import. If this still doesn’t work paste your epg url into firefox, this should return a bunch of XML data to the browser (nb: doesn’t work in chrome), if you don’t receive... Read more

e2m3u2bouquet 0.4.2

V0.4.2 Quick post, purely a bug fix release, Includes 0.4.1 fix invalid picon path hanging the script includes 0.4.1 update service number to use numbers unlikely to be in use by existing sat services includes 0.4.1 leave service number gaps between categories to reduce the effect of playlist additions cause the epg to get out of sync Fixed error for ACE and FLAWLESS users where “:” in category put the box into an infinite loop e2m3u2bouquet_v0.4.2  

e2m3u2bouquet 0.4

V0.4 OK been a couple of weeks but we have been busy. Latest version of the script is now available below or from the home page, goto the home page for install instructions etc. The script has come on a bit and is starting to be a bit more mature, some 500 lines of code compared to the initial release at 100 lines. We are also now a team of 2! so kudos to Doug Mackay for doing at least half the coding on this release, also to Jose Sanchez for supplying the code for the picon support. So changes... Read more