Hello Friends

I’m Rem01x Penetration Tester Interested in Red Teaming and Reverse Engineering

In this blog we will talk about Payload Encryption how can we encrypt our payload and why we are trying to encrypt and decrypt it.

Why Encrypting Our Payload?

• To hide the malicious code in a liget file
• Make the malware undetected for longer time
• Bypassing Static/Segnature-based Detection
• Will help bypassing modern solutions

What are the encryption type we use?

The asnswer is fill free to use any encryption type you want but the most used are:

• AES Encryption
• XOR Encryption

Here attackers implemenet a function that takes the raw payload from you try to encrypt it and return the encrypted payload for the attacker then in the malware attackers implment the function that will decrypt the malware during the Runtime so it will get executed.

XOR Payload Encryption

In this part we will write a function that takes a raw payload and XOR Encrypt it and return the Encrypted Payload the second part we will write a function takes the secret key and try to Decrypt the Payload.