From Collaborative RCE Knowledge Library

Jump to: navigation, search

Cryptexec: next-generation runtime binary encryption

Item name: Cryptexec: next-generation runtime binary encryption
Rating: 0.0 (0 votes)
Author: Zeljko Vrba                        
Home URL: http://www.phrack.org
Last updated: 2005
Version (if appl.):
Direct D/L link: http://phrack.org/issues/63/13.html#article
Description: 1 Introduction
2 OS- and hardware-assisted tracing
3 Userland tracing
3.1 Provided API
3.2 High-level description
3.3 Actual usage example
3.4 XDE bug
3.5 Limitations
3.6 Porting considerations
4 Further ideas
5 Related work
5.1 ELFsh
5.2 Shiva
5.3 Burneye
5.4 Conclusion
6 References
7 Credits
A Appendix: source code
A.1 crypt_exec.S
A.2 cryptfile.c
A.3 test2.c

"What is binary encryption and why encrypt at all? For the answer to
this question the reader is referred to the Phrack#58 [1] and article
therein titled "Runtime binary encryption". This article describes a
method to control the target program that doesn't does not rely on
any assistance from the OS kernel or processor hardware. The method
is implemented in x86-32 GNU AS (AT&T syntax). Once the controlling
method is devised, it is relatively trivial to include on-the-fly
code decryption."
Related URLs:
Reverse Engineering Shiva by Chris Eagle:
http://blackhat.com/presentations/bh-federal-03/bh-federal-03-eagle/bh-fed-03-eagle.pdf


RSS feed Feed containing all updates for this item.

You are welcome to add your own useful notes about this tool, for others to see!



If you find that any information for the item above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)


Views
Category Navigation Tree
   Tools