tarcisio-marinho / GonnaCry

A Linux Ransomware
https://medium.com/@tarcisioma/ransomware-encryption-techniques-696531d07bb9
GNU General Public License v2.0
692 stars 402 forks source link

Obfuscation / Anti-Debugging #3

Open tarcisio-marinho opened 6 years ago

tarcisio-marinho commented 6 years ago

Need help implementing code obfuscation.

https://pdfs.semanticscholar.org/4248/b2b6f8a6389371ce20ec065853b4ef1c4b04.pdf https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf https://github.com/a0rtega/pafish https://www.apriorit.com/dev-blog/367-anti-reverse-engineering-protection-techniques-to-use-before-releasing-software

vaibhawvipul commented 5 years ago

dmidecode -t system in linux can return us the info whether the code is running inside vm or not. However, this need root permission.

tarcisio-marinho commented 5 years ago

dmidecode -t system in linux can return us the info whether the code is running inside vm or not. However, this need root permission.

Thanks mate ! Implemented on commit ee9a0283b18f827a6a3e86865ec3b938404d4ee3

vaibhawvipul commented 5 years ago

dmidecode -t system in linux can return us the info whether the code is running inside vm or not. However, this need root permission.

Thanks mate ! Implemented on commit ee9a0283b18f827a6a3e86865ec3b938404d4ee3

Thanks I am glad that i was of some help. This is a great initiative. I am also reading out the pdfs listed here for obfuscation. I will keep you posted if I can contribute there.