six
/
dEncExDelR
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Decrypt|Encrypt|Execute|Delete|Return
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
36 KiB
Python 100%
 
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Go to file
six ca864aa4d5 Return 1 year ago
LICENSE Initial commit 1 year ago
README.md Return 1 year ago
dEncexdel.py Return 1 year ago

README.md

dEncexdel

dEncexdel encrypts a linux executable or decrypts it into memory, executes it and deletes the decrypted file.

Practical uses: execute a service from memory without storing the plain source or the binary on disk, secure a PoC exploit.

dEncexdel uses /dev/shm/.

Wins:

  • You can have executables that are encrypted.
  • Does not write to the physical drive, but to memory.

Limitations:

  • Goes only as far as execution.
  • The executed binary can still be read from memory by root (eg. cat /proc/PID/bin > /tmp/bin)

usage

Be careful, -e overwrites the passed executable

python3 dEncexdel.py -e executable # encrypt

python3 dEncexdel.py -x executable # decrypt and execute

python3 dEncexdel.py -r executable # just stdout the decrypted data