Bright Academic Experts

Category: Assembly Language

  • This lab requires analyzing shellcode execution flow, PEB tr…

    This quiz focuses on understanding how injected shellcode executes after a buffer overflow and how Windows API functions are resolved dynamically at runtime.

    The questions are not asking you to write shellcode. Instead, they require you to observe the provided code and debugger output and explain what is happening at specific points.

    Specifically, the quiz checks whether you can:

    • Identify buffer sizes and initial values in a vulnerable function.
    • Recognize how a buffer overflow overwrites execution flow.
    • Observe the first instruction executed when control jumps to the stack.
    • Understand whether a NOP sled is required based on where execution lands.
    • Identify the API function name being dynamically searched in the shellcode.
    • Understand how the Process Environment Block (PEB) is accessed and used.
    • Recognize the application name passed to WinExec.
    • Identify which DLL contains the target function.
    • Understand how execution returns safely after shellcode execution.

    Each question ties directly to a specific part of the disassembly or debugger view, often referencing exact instructions or line numbers. Answers should be based strictly on what is shown in the provided code and runtime behavior.

    Requirements: 10 aswers | Assembly Language

  • Dynamic WinExec resolution and calculator execution in x64 s…

    • Identify which library contains WinExec and explain why
    • Define the required string variables:
      • winexec_func containing "WinExec"
      • calculator_str containing "calc.exe"
    • Explain how to perform a lookup_api call for WinExec:
      • What value should be loaded into RCX
      • What value should be loaded into RDX
    • Once the function pointer for WinExec is obtained:
      • Explain how to pass the two required parameters to WinExec
      • What values should be in RCX and RDX
    • Reference Assignment 3a:
      • Identify the first and second parameters originally passed on the stack
      • Explain how to replace the push instructions with lea instructions for RCX and RDX
    • Provide the exact assembly code that should be added between line 27 (call rax) and line 51 (; Exit) to spawn the Windows Calculator
    • Include clear explanations for each step so I can understand the logic, not just the final code

    Please make sure the explanation is clear, detailed, and human-written, as this is for a graded lab.

    Thank you!

    Requirements: 2 answer | Assembly Language

  • 1 week complete

    If your question involves randomly in write answer

    Requirements: Assembly Language