Use encryption technique to avoid AV static analyst

[S0c5]

Hello!
I used to use this technique to inject payloads in binaries, but the problem is that the AV static analyst find the malicious payloads if they are well known, so you can include the payload encrypted and include the stub to decrypt it before is called.

Linux-Shellcode-Generator/Shellcode-Injectable-Project/shellcode.c

Line 4 in b2a9d1a

char code[] ="\x31\xc0\x31\xdb\x31\xd2\x31\xc9\xb0\x04\xb3\x01\xb9\xa0\x90\x04\x08\xba\x1c\x00\x00\x00\xcd\x80\x31\xc0\xb0\x01\x31\xdb\xcd\x80";

In this line, you can include the encrypted payload and the key to decrypt it before runs the script, that allow you to avoid some AV static analysts.

Linux-Shellcode-Generator/shellcode.sh

Line 20 in b2a9d1a

function injectShellcode {

[thEpisode]

Good! that is awesome!, I will include a function to encrypt the payload because at the moment these payload is only an example for use. Could you recommend me a good encryption method for payloads?