Analyzing the effectiveness of shellcode injectors
Ανάλυση της αποτελεσματικότητας των shellcode injectors

Master Thesis
Author
Χατζημάγγου, Σταμάτιος
Chatzimangou, Stamatios
Date
2019-02-23
Advisor
Νταντογιάν, Χριστόφορος
Keywords
Ropinjector ; Shellter ; Virustotal ; Shellcode injectors ; Shellcode ; Python
Abstract
In this thesis we analyze the effectiveness of shellcode injectors regarding their ability to bypass antivirus engines. To assist
us in the process we have developed a tool written in Python 2.7 which automates the process of sample generation,
analysis of the infected files, statistics calculation and presentation of results. We demonstrate the usage and results of this
tool on two shellcode injectors, ROPInjector and Shellter. By generating a large sample of infected files and testing them
against the online service VirusTotal we are able to demonstrate the effectiveness of each shellcode injector to hide the
malicious payload as well as the effectiveness of antivirus engines to accurately detect the injected files. The output of this
work is a tool that facilitates and automates this process, and a highlighting of the strengths and weaknesses of both the
shellcode injectors and the antivirus engines.