SLAE-473 ASSIGNMENT #4 Custom Shellcode Insertion Encoder



This tutorial is part of the SecurityTube Linux Assembly Expert certification.

The goal of this assignment is to create a custom insertion encoding scheme, a proof of concept for an execve-stack shellcode.

The tutorial will contain example source with comments. Listed source code may have formatting issues so best place to obtain copies is from the project’s Github repo.

This assignment will build from the previous assignments and so will not be reiterating explanations already covered there.

The problem

Sometimes delivering the an exploit payload with just a plain shellcode will not suffice when it comes to situations where a signature based protection, such as Anti-Malware is in place. This is where techniques for obfuscating the final shellcode comes into play.

The solution

Generally two methods exist, encryption and encoding, the later being simpler. This assignment will demonstrate a simple insertion based algorithm which will insert a random byte…

View original post 2,087 more words

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s