dEncExDelR/README.md

# dEncexdel

dEncexdel encrypts a linux executable or decrypts it into memory, executes it and deletes the decrypted file.

Practical uses: execute a service from memory without storing the plain source or the binary on disk, secure a PoC exploit.

dEncexdel uses /dev/shm/.

Wins:
- You can have executables that are encrypted.
- Does not write to the physical drive, but to memory.

Limitations:
- Goes only as far as execution.
- The executed binary can still be read from memory by root (eg. cat /proc/PID/bin > /tmp/bin)


# usage 
Be careful, -e overwrites the passed executable

python3 dEncexdel.py -e executable  # encrypt

python3 dEncexdel.py -x executable  # decrypt and execute

python3 dEncexdel.py -r executable  # just stdout the decrypted data
Return 2021-10-06 13:16:08 +00:00			`# dEncexdel`
Initial commit 2021-10-06 13:14:53 +00:00
Return 2021-10-06 13:16:08 +00:00			`dEncexdel encrypts a linux executable or decrypts it into memory, executes it and deletes the decrypted file.`

			`Practical uses: execute a service from memory without storing the plain source or the binary on disk, secure a PoC exploit.`

			`dEncexdel uses /dev/shm/.`

			`Wins:`
			`- You can have executables that are encrypted.`
			`- Does not write to the physical drive, but to memory.`

			`Limitations:`
			`- Goes only as far as execution.`
			`- The executed binary can still be read from memory by root (eg. cat /proc/PID/bin > /tmp/bin)`


			`# usage`
			`Be careful, -e overwrites the passed executable`

			`python3 dEncexdel.py -e executable # encrypt`

			`python3 dEncexdel.py -x executable # decrypt and execute`

			`python3 dEncexdel.py -r executable # just stdout the decrypted data`