Description: In this video I run through the concepts very quickly and show a code demo. This is to show that the code I was distributing was intentionally broken to force working through the exercises. It also gives an idea of what the end product can/may look like.
Tags: AV, AV Bypass, Andrew King, aking1012
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
What do I have to learn to understand this? Any books someone could recommend?
Vivek's assembly primer would be a good place to start. Anything on debugging and reversing would help. A little C programming/python coding wouldn't hurt either.
Python - Core Python
C - ANSI C book or some other primer/manual and MSDN online
Intel Assembly manual
Some book on IDA/GDB for security research
OR...I guess I could write a book ;)
btw...if anyone else thinks this is a NEEDED book topic, plz post in the thread. I'm referencing it as a resource for my Syngress book proposal. kthx
Hey, thanks for this video.
Think this is some really hard topic to understand. Would love to read some book about this topic from you. But please try to also explain some "basics", which we need to understand this.
Looking forward to the other video-parts ;)
thanks guy
That was a very interesting in-depth overview of the process that you faced.
Whilst you have been enjoying yourself in Vegas(!), I've been researching Assembly Language and shellcode. I was astonished by the list of lengthy routines that you mentioned for NOPs. I suppose I had a "shellcode hat" on and thought about keeping it as short as possible. I realise that the length of the code isn't an issue for you so you can really go to town with NOP-equivalent code (I saw it called "idempotent" somewhere).
I'm looking forward to your proposed weekly trickle of videos dealing with individual segments. That will give me plenty of time to research what you've discussed and also allow me to hit the ground running with the next instalment.
@Juggl3r: I guess the thing to do is for us all to collaborate in the various threads about problems that we face. I'm also new to this, though I have done some C and Assembly, albeit a while ago. Several of the threads in Vivek's WLAN Wireless Megaprimer were very active and had thought-provoking discussions. I hope the same happens in this series.
Thanks Andrew, good job with this video. The current state of AV is pretty shameful, and your work in this area is a step in the right direction. Look forward to any more videos you plan to share, and good luck with syngress. :)
@all thanks for the encouragement. I have an NDA in the pike that I have to examine...thoroughly...before I continue the series. If there is some delay, that is what it's about.
Hey Andrew, it's quite difficult to understand, I'm kinda a rookie... any prerequisites?
@Andrew - good luck with whatever else you have to deal with ... I'm sure that everyone will wait patiently for your further videos!
@Snypter - have you seen the other videos in this series? I'm far from an expert (a bit of experience with C and assembly) and have spent time researching what Andrew has discussed and demonstrated. Some of the code that he presented needed a bit of tweaking to make it run as planned, but that's part of the fun. This series is complicated (well, I think it is) and not for the faint hearted!