Skip to content

0gajun/binary_code_obfuscation_sample

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

bin

bin

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

call_stack_tampering.asm

call_stack_tampering.asm

 
 

non_returning_calls.asm

non_returning_calls.asm

 
 

nrc_complicated.asm

nrc_complicated.asm

 
 

overlap_func.asm

overlap_func.asm

 
 

single_overlap_func.asm

single_overlap_func.asm

 
 

Repository files navigation

About

This repository is a sample of binary code obfuscation methods.

Contents

  • Call Stack Tampering
  • Non Returning Calls
  • Overlapping Functions and Basic Blocks

Environment

  • OS
    • Windows7 professional SP1
  • Assembelr
    • NASM version 2.11.08
  • Linker
    • Microsoft Incremental Linker Version 14.00.23026.0
    • (Bundled with Visual Studio 2015)

How to use

There are two ways to use.

  • Use already assembled and linked binaries in /bin directory.
  • Assemble and link from source by yourself.

How to assemble and link

  • $ nasm -fwin32 <source_file>
  • $ link <object file generated by nasm> /ENTRY:start /SUBSYSTEM:CONSOLE /defaultlib:kernel32.lib

Notice

Some code requires additional modification to a genereted binary. When you generate a binary by yourself, please read a head of source code.

About

A sample of binary code obfuscation methods

Topics

obfuscation binary assembly

Resources

Readme
Activity

Stars

5 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages