mirror of https://github.com/01-edu/public.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
28 lines
1.2 KiB
28 lines
1.2 KiB
2 years ago
|
# Evasion
|
||
|
|
|
||
|
|
### Objective
|
||
|
|
|
||
|
|
The goal of this project is to understand the methods of hackers who bypass anti-viruses, so also to understand how antivirus works in a little more advanced way than mal-track.
|
||
|
|
|
||
|
|
### Guidelines
|
||
|
|
|
||
|
|
You will need to develop a windows program
|
||
|
|
The windows program will have to give us the possibility to encrypt another program
|
||
|
|
Increase its size by 101mb
|
||
|
|
Add an increment of an int to 100001
|
||
|
|
Look at the time, do a sleep of 101 seconds, look at the time to check that 101 seconds has passed, if the 101 seconds have not elapsed, do not decrypt the binary and do not execute it
|
||
|
|
|
||
|
|
This project is carried out on a virtual machine (in your malware analysis lab).
|
||
|
|
You are free to choose your virtual machine, it must be windows-based. (but in the audit you will use an official windows virtual machine!)
|
||
|
|
You are free to choose the programming language for your program.
|
||
|
|
|
||
|
|
### Advice
|
||
|
|
https://wikileaks.org/ciav7p1/cms/files/BypassAVDynamics.pdf
|
||
|
|
https://0x00sec.org/c/cryptology/
|
||
|
|
|
||
|
|
### Submission and audit
|
||
|
|
Files that must be inside your repository:
|
||
|
|
- Your program source code.
|
||
|
|
- a README.md file, Which clearly explains how to use the program.
|
||
|
|
|
||
|
|
Don’t hesitate to double check the names of your folders and files to ensure they are correct!
|