Assignment #4: Create custom encoding scheme
The goal of this assignment is to create a custom encoder to defeat pattern recognition.
To do this, I used a simple character substitution rotation cipher (ROT) and tweaked it to be rotated randomly, as shown in the following encoder script:
The reason behind using ROT to encode shellcode is because its simple, and can be tweaked to be an effective approach in beating pattern detection.
The following includes the decoder stub for this encoder
The next two images displays the encoded disassembly of our original shellcode, and its decoded return:
To do this, I used a simple character substitution rotation cipher (ROT) and tweaked it to be rotated randomly, as shown in the following encoder script:
 |
| https://raw.githubusercontent.com/br0ns0n/SLAE32/master/insertion_encoder.py |
The reason behind using ROT to encode shellcode is because its simple, and can be tweaked to be an effective approach in beating pattern detection.
The following includes the decoder stub for this encoder
 |
| https://raw.githubusercontent.com/br0ns0n/SLAE32/master/insertion_decoder_stub.nasm |
The next two images displays the encoded disassembly of our original shellcode, and its decoded return:
 |
| encoded form |
 |
| Decoded Return
This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:
http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
Student ID: PA-7730
All source files can be found on GitHub at https://github.com/br0ns0n/SLAE32
|
Comments
Post a Comment