You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
1 year ago | |
---|---|---|
LICENSE | 1 year ago | |
README.md | 1 year ago | |
dEncexdel.py | 1 year ago |
README.md
dEncexdel
dEncexdel encrypts a linux executable or decrypts it into memory, executes it and deletes the decrypted file.
Practical uses: execute a service from memory without storing the plain source or the binary on disk, secure a PoC exploit.
dEncexdel uses /dev/shm/.
Wins:
- You can have executables that are encrypted.
- Does not write to the physical drive, but to memory.
Limitations:
- Goes only as far as execution.
- The executed binary can still be read from memory by root (eg. cat /proc/PID/bin > /tmp/bin)
usage
Be careful, -e overwrites the passed executable
python3 dEncexdel.py -e executable # encrypt
python3 dEncexdel.py -x executable # decrypt and execute
python3 dEncexdel.py -r executable # just stdout the decrypted data