This tutorial is part of the SecurityTube Linux Assembly Expert certification.
The goal of this assignment is to take an x86/Linux shellcode sample from http://shell-storm.org/shellcode/ and create a polymorphic version of it that defeats pattern matching. The polymorphic version cannot be larger than 150% of the existing shellcode (for a 36-byte sample, that is a budget of 54 bytes).
For this blog post I will specifically focus on ‘Linux/x86 – mkdir() & exit() – 36 bytes by zillion’.
The tutorial will contain example source with comments. The listed source code may have formatting issues, so the best place to obtain copies is the project's GitHub repo. This assignment builds on the previous assignments, so explanations already covered there will not be repeated.
- Obtain a copy of the shellcode to verify its functionality
- Disassemble the shellcode
- Create a polymorphic version
- Test the new version
“In computer terminology, polymorphic code is code that uses a polymorphic engine…