Shellcode can be seen as a list of instructions that has been developed in a manner that allows it to be injected in an application during runtime. Each security researcher face the shellcodes during their work, and in this article I'll show how to detect shellcodes using Python (via libemu Python binding).
Few words about libemu:
libemu is a small library written in C offering basic x86 emulation and
shellcode detection using GetPC heuristics. Intended use is within network intrusion/prevention detections and honeypots.
The information on the site is not actual in some places, so I'll give direct and clear instruction how to get and install libemu.
Clone the git repository:
$ git clone git://git.carnivore.it/libemu.git
Firstly, configure, make and install libemu itself (without binding):
$ autoreconf -v -i
$ ./configure --prefix=/opt/libemu
$ sudo make install
If you set up prefix as shown above, you have to add the library path to /etc/ld.so.conf file. It should loo…
UPDATE (07/18/17): The original article was written in 2011 and pretty much outdated, I've updated the numbers and conclusions.
I've got a question about which programming language is preferable for the website development for embedded systems (with limited resources). Here is my small investigation in a table form. Please note that the question was about only these 3 programming languages - there are better candidates for the embedded systems now (for example, Rust).
The Memory and Performance overhead numbers are based on the n-body benchmark and calculated as relatives to "C gcc #4" measurements.
Back-end functionality is based on LanguageTool functionality (in particular, the add-on uses its webserver). Though it can work without any further customization, it is strongly recommended to setup a local LT server (see below), and change the add-on preferences to use your server. By default, the add-on uses the local server and falls back to public LT server (that can't handle the high load and can't guarantee the privacy). The grammar checking is available via Tools menu, the context menu and the corresponding toolbar button.
Language and server settings can be changed using the add-on preferences:
Supported languages: English (en), Dutch (nl), French (fr), German (de), Italian (it), Polish (pl), Romanian (ro), Russian (ru), Slovak (sk), Slovenian (sl), Spanish (es), Swedish (sv), Ukrainian (uk), Asturian (ast), Belarusian (be), Breton (br), Catalan (ca), Chinese (zh), Danish (d…