Assignment Goals (SLAE-1530)
- Create a custom crypter like the one shown in the "crypters" video
- Free to use any existing encryption scheme
- Can use any programming language
What is the purpose of a Crypter
A crypter is closely related to an encoder. It is a small application designed to encrypt a payload and decrypt it at runtime.
The payload is encrypted and embedded inside a host program, often called a stub. When the stub is executed, it decrypts the encrypted payload and redirects execution flow to the address of the decrypted payload. Sometimes execution flow is not redirected; instead, a new thread or a new process is created to host the payload's execution.
Unlike encoders, crypters use complex encryption schemes (RC4, AES, Blowfish, Camellia, etc.) to keep the payload obfuscated. Each time a stub is generated, the encrypted payload looks completely different, which makes crypters a good solution for beating signature-based detection systems.
Because of their complexity, crypters are often written in higher-level languages such as C/C++, Delphi, .NET, etc.
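The detection side of the claim above, as an added example that is not code from the original post: a static byte signature stops matching once the same bytes are encrypted under different keys, while the encrypted blob still stands out by its entropy. The payload is a harmless constructed byte string, and `keystream_xor`, the keys, the window size and the threshold are all assumptions made for this illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed, harmless stand-in for a payload: repetitive low-entropy bytes
# that contain a marker a byte signature would match on.
SIGNATURE = b"DEMO-PAYLOAD-MARKER"
PAYLOAD = (b"\x90" * 64 + SIGNATURE + b"\x00" * 64) * 32

def keystream_xor(data: bytes, key: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode), not RC4/AES.
    XOR is symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def signature_hit(blob: bytes) -> bool:
    """Static byte-signature check, as a signature-based scanner would do."""
    return SIGNATURE in blob

def shannon_entropy(blob: bytes) -> float:
    """Entropy in bits per byte (0.0 to 8.0)."""
    total = len(blob)
    return -sum(c / total * math.log2(c / total) for c in Counter(blob).values())

def high_entropy_windows(blob: bytes, window: int = 1024, threshold: float = 7.5):
    """Offsets of fixed-size windows whose entropy exceeds the threshold.
    Window size and threshold are illustrative values, not tuned ones."""
    return [off for off in range(0, len(blob) - window + 1, window)
            if shannon_entropy(blob[off:off + window]) > threshold]

if __name__ == "__main__":
    for key in (b"constructed-key-1", b"constructed-key-2"):
        blob = keystream_xor(PAYLOAD, key)
        print(key, "signature:", signature_hit(blob),
              "high-entropy windows:", high_entropy_windows(blob))
    print("plain", "signature:", signature_hit(PAYLOAD),
          "high-entropy windows:", high_entropy_windows(PAYLOAD))
```

Only the embedded blob changes from build to build; the high-entropy region it leaves in the host file is a property a scanner can still measure.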