Good news for development, bad news for the new demo video I was about to release today.
After going through all the nice stuff I was planning to show to you guys, I realized, while editing the video, that a part of what I was doing was not recorded.
The cause?!?! A hotkey combination used by the recording software messed with OllyDbg’s Fx keys.
The result?!? The recording had actually stopped, but I was happily going through the process. Epic Fail! :O(
In the next video I will demonstrate how a user can take advantage of the dynamic thread context logging feature during tracing in order to build more complex customized polymorphic code that relies on information retrieved at runtime.
PS: People going against our community, and against the people that try hard to keep what we are doing as a lifestyle, away from registered patents and thinking patterns, should be ashamed of themselves.
These people must be ignored, and by no means should we ever again let anyone affect in any way what we do, and who we are.
Long live FullDisclosure and all sources of knowledge…of freedom!
I don’t have much time to get into details, but here is what’s going on…in Build 67, and counting!
For the people that might have started developing some kind of interest in this tool, there is some good news.
A couple of very important features have been completed, and I am currently testing them.
The first one is the polymorphic engine for junk code generation, as promised in the previous updates. Of course, there is still room for improvement, but if I were to release the tool tomorrow, I would happily include it.
Another feature that I am currently also testing is the so-called ‘Time Travel’. Don’t be alarmed, it’s just what I call it for fun. No real time travel is yet publicly known.
So, basically this feature automatically restores the post 1st stage filtering state in case you decide to exaggerate with the size of poly code, or just because there is no room to fit the combination you are trying to inject based on the logged execution trace and specific characteristics of the executable itself.
This feature is essential since it gives you the chance to rethink your strategy without the need to start all over again from the tracing stage.
Well, if you have seen the videos, you will know what I am talking about…
If I get some more free time, I will make the next video to give you an overview of these new features. There are also others already included that I haven’t really shown yet, but it’s all about finding the time to do it.
Till then, have fun!