Paolo PeregoFollowSpecialista di sicurezza applicativa e certificato OSCP. Amo spaccare e ricostruire il codice in maniera più robusta, cintura nera di taekwon-do, marito e papà. Ranger Caotico buono, scrivo su @codiceinsicuro e @the_armoredcode.
Assignment #7: Create a custom crypter
parole - Lo leggerai in 8 minuti
The seventh and last assignment is to create a custom crypter like the one
shown in the “crypters” video. I’m free to use any existing encryption schema
and I can use any programming language.
The assignment was written on an Ubuntu Linux 18.04, with a Linux kernel 4.15
Choosing the encryption scheme
For this last assignment I want to use something quick and reliable to encrypt
any evil payload. I started looking at
TEA for its
characteristics and implementations.
I choose to use XXTEA that it is an
evolution of original algorithm to correct all weaknesses found.
This is a symmetric block cipher and the key must be 16 bytes long.
I will use python as programming language and the
xxtea package that it is available with the
pip install xxtea
The default behaviour is to select a 16 bytes long random key and use xxtea library facilities to encrypt the default shellcode that is the standard execve() shellcode used in assignment 4.
However, the crypter tool accepts also a custom encryption key and a custom
shellcode to be used instead of the default one.
Here you can find the source code for the crypter script:
Decrypt and launch
The launcher script is responsible for decrypting a given payload using a given
decryption key. It may be redundant to recall but, since XXTEA is a Symmetric
Cryptography algorithm, the decryption key is the one used to crypt the