Handbook of Applied Cryptography
Handbook of Applied Cryptography
Malicious Cryptography: Exposing Cryptovirology
Malicious Cryptography: Exposing Cryptovirology
| Hi-index | 0.00 |
Modern exploit payloads in commercial and open-source penetration testing frameworks have grown much more advanced than the traditional shellcode they replaced. These payloads permit interactive access without launching a shell, network proxying, and many other rich features. Available payload frameworks have several limitations, however. They make little use of encryption to secure delivery and communications, especially in earlier stage payloads. In addition, their richer features require a constant network connection to the penetration tester, making them unsuitable against mobile clients, such as laptops, PDAs, and smart phones. This work introduces a first-stage exploit payload that is able to securely establish an encrypted channel using ElGamal key agreement and the RC4 stream cipher. The key agreement implementation requires only modular exponentiation and RC4 also lends itself to an implementation requiring a very small amount of executable code. This secure channel is used to send further executable code and deliver a fully-featured interpreter to execute mission logic written in the high-level Lua scripting language. This scripting environment permits secure code delivery as well as disconnected operation and execution of penetration testing mission logic.