Maximize
Bookmark

VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

NOTE Segment Infection technique

Cyneox
DCA E-zine #1 (html)
September 2004

[Back to index] [Comments]

Abstract

I was sitting around and looking at my old creations etc. and then I've asked myself : Why am I always using that old fucing S.P.I ( Segment Padding Technique) technique in my viruses !? Hm.... Because its so easy to understand and to use it.It has been used since 3-4 years.Well I think this way of infection is getting old fashioned ;)

On a sunny day I was looking at the output of readelf. And then I've realized that fucking NOTE segment is actually unusefull for the loader and for the user :-P And then came the idea : Why not inserting the virus code after the NOTE segment or even better : Why not inserting it IN the NOTE segment !? Well let us take a closer look at this idea...

[Read the article]

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! vxheaven.org aka vx.netlux.org
deenesitfrplruua