Yesterday on the Volatility Labs blog I published a post on analyzing some interesting shellcode from a recent attack campaign and 0day exploit. The shellcode was encrypted multiple times and required full static reversing before revealing the algorithm needed to decrypt the backdoor URL. I think you will like it:
http://volatility-labs.blogspot.com/2014/04/building-decoder-for-cve-2014-0502.html
No comments:
Post a Comment