Art of Shellcoding: Basic AES Shellcode Crypter

In this post, we will design a shellcode crypter that encrypts the shellcode, then decrypts the encrypted shellcode and runs it dynamically. The library we will use for encryption is mcrypt, and the encryption scheme is Rijndael-128 (AES).

We will write the crypter in the C programming language. The shellcode we will use for this exercise is an execve stack-based shellcode. Following is the code of the crypter:


The enc_dec function accepts a flag value and, based on that value, performs either an encryption or a decryption operation. The length of the key for encryption and decryption is 16. On running the crypter, we get the following output:


We saw how we can create a basic crypter in C. We can build on these methods and combine the best of polymorphism, encoding, and encryption to create much more advanced and detection-free shellcode.

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:
