Before we start, I would like to bring your attention to this SLAE course from SecurityTube, which will help you learn shellcoding - http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
AGENDA:
1. Introduction to Insertion Encoder
2. Create a custom encoding scheme similar to the “Insertion Encoder”
3. Proof of concept using the execve-stack as the shellcode to encode
1. Introduction to Encoding:
Encoding is the process of converting data from one form to another.
Insertion encoding is used to obfuscate shellcode instructions by adding some extra instructions. This reduces the detection of shellcode.
2. Create a custom encoding scheme similar to the “Insertion Encoder”:
I have written a Python encoder which takes every byte of the shellcode and does an XOR operation. After the XOR encoding, we keep inserting random bytes in between the shellcode.
3. Proof of Concept using execve-stack as the shellcode to encode:
The address of the shellcode is saved in the esi register by using the jmp-call-pop technique. The decoding process involves removing the random bytes and then XORing with the same key value to obtain the actual decoded shellcode.
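Seen from the analysis side, the two decoding steps described above (drop the inserted bytes, then XOR with the key) can be reversed without knowing the key. The following is an added example, not code from this post or its repository; the layout of one filler byte after each encoded byte, the key 0xAA, the marker strings and the sample bytes are all assumptions constructed for illustration.

```python
"""Recover a payload hidden by single-byte XOR plus inserted filler bytes."""

# Constructed sample (not from the post): the ASCII marker b"/bin//sh" XORed
# with the assumed key 0xAA, one filler byte (0x41..0x48) after each byte.
SAMPLE = bytes.fromhex("8541c842c343c44485458546d947c248")

# Strings an analyst would expect inside a decoded Linux execve payload.
MARKERS = (b"/bin", b"/sh")


def deinterleave(blob, stride=2, offset=0):
    """Keep every `stride`-th byte starting at `offset`, dropping the filler."""
    return blob[offset::stride]


def xor_bytes(data, key):
    """XOR every byte with the same one-byte key."""
    return bytes(b ^ key for b in data)


def recover(blob, stride=2, markers=MARKERS):
    """Try every lane and every one-byte key; return hits, best score first.

    Each hit is (key, offset, decoded_bytes). A hit means at least one marker
    appeared in the decoded lane, so the key never has to be known up front.
    """
    hits = []
    for offset in range(stride):
        lane = deinterleave(blob, stride, offset)
        for key in range(256):
            plain = xor_bytes(lane, key)
            score = sum(marker in plain for marker in markers)
            if score:
                hits.append((score, key, offset, plain))
    hits.sort(key=lambda hit: hit[0], reverse=True)
    return [(key, offset, plain) for _, key, offset, plain in hits]


if __name__ == "__main__":
    for key, offset, plain in recover(SAMPLE):
        print(f"key=0x{key:02x} offset={offset} decoded={plain!r}")
```

With only 256 possible keys and a fixed insertion pattern, the encoding defeats naive byte-signature matching but not this kind of normalisation before scanning.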
After extracting the opcodes from the object file, we can check the shellcode through a C file as shown below -
[x] All scripts can be found here - https://github.com/hexachordanu/SLAE/tree/master/Assignment-4
Proof of Concept:
This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification: http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/
Student-ID: SLAE-1219