Wednesday, 10 August 2016

GSoC Work Submission


This is the direct link to all the work that is done during GSOC period :
PR Link:

Commits link :

First part of my project was writing Windows Shellcode, It was great part to learn about shellcode as I didn't have much knowledge about shellcode before I started contributing to ZSC.

At first I created Opcoder which converts the assembly code to opcodes -

Then I created Windows Execute Shellcode which takes parameter as filename to be executed to generate shellcode -

Next was create directory Shellcode -

The other Shellcode's which were done are :
creating file  -
Downloading file -
Download and Execute -
Add Admin -
Disable Firewall -

Next I started working on obfuscation modules. Created Reverse hex and reverse base64 obfuscation modules for Ruby, Python, Perl, Javascript and php. Here are the PR's :

I had to work on other obfuscation modules but as ZSC tool got accepted in DEFCON we had to make Windows Shellcode part complete as that was to be presented. There were no encoding modules for Shellcode but as it was needed to complete Windows Shellcode part I started working on Encoding part.
Here are the Encoding module that were created :
Xor random -
Add random -
Sub random -
xor yourvalue -
inc and dec encodes -
inc yourvalue and dec yourvalue -
Add yourvalue and sub yourvalue -

After Encoding modules part as I didn't have much time to add complex obfuscation module I started working on simple ascii obfuscation module  and here is the PR -

If you are interested in contributing/learning more about the tool refer the documentation :

It was great experience to work on ZSC tool as I learned many things about exploits, Shellcode etc., I would like to thanks OWASP Organizations, my mentors Brian for helping me to learn about shellcode and clearing my doubts, Johanna is great leader who is doing everything she can for ZSC and also Ali for helping me with project, also reviewing PR's and for creating this tool :). GSoC will be ending but I will still be contributing to ZSC tool. Next couple of months ZSC tool will be still having new changes as it is likely to participate in BlackHat Arsenal EU (Johanna applied for it already) and we can add some new features to the tool. Also we have working API and osx shellcode added to tool. Thanks to Akash Trehan for adding osx module.

No comments:

Post a Comment