NOTE Segment Infection technique

DCA E-zine #1 (html)
September 2004

I was sitting around and looking at my old creations etc., and then I asked myself: why am I always using that old fucking S.P.I (Segment Padding Technique) technique in my viruses!? Hm... Because it's so easy to understand and to use. It has been used for 3-4 years. Well, I think this way of infection is getting old-fashioned ;)

On a sunny day I was looking at the output of readelf. And then I realized that the fucking NOTE segment is actually useless for the loader and for the user :-P And then came the idea: why not insert the virus code after the NOTE segment, or even better, why not insert it IN the NOTE segment!? Well, let us take a closer look at this idea...

