RC2 Shellcode Crypter/Decrypter in Python | Linux x86

Introduction

RC2 is a symmetric-key block cipher that was popular in the first half of the 1990s. RC2, also known as ARC2, was designed by Ron Rivest of RSA Security in 1987. Without going into too much detail, RC2 is parameterised by a block size and a key length, among other things; more on that later. In this blog post, we'll create an RC2 shellcode crypter/decrypter to demonstrate the concept. Please note that I'm no RC2 expert and this blog post is by no means an overview of the RC2 algorithm.

Crypter

In order to create an RC2 crypter there are a couple of things we need to figure out ahead of time: the key length, which can range from 8 to 1024 bits; the cipher mode, which can be either ECB or CBC; and the secret key. We'll use a key length of 128 bits and CBC as the cipher mode, which requires an Initialization Vector (IV). Here's the code, referenced from Chilkat; I'll use the comments to explain the process.

Note: the shellcode above simply spawns a shell for us and can be found here.

Let’s test it

Decrypter

Since RC2 is a symmetric-key algorithm, meaning the same key is used for encryption and decryption, there isn't much to it really other than reversing the encryption process. All of the code used to execute the shellcode at run time was referenced from here.

Test it

It's demo time! We'll use PyInstaller to compile the Python script.

Closing Thoughts

While researching crypters/decrypters, I found most of the blog posts out there were using C wrappers, so for the sake of not making a redundant one I decided to use a Python wrapper. This post marks the end of my SLAE journey, in which I learned how little I knew and how much I still need to learn. Thank you Vivek Ramachandran and the people who helped make this course available! Feel free to contact me with questions using the comment section below or just tweet me @ihack4falafel.

This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert certification:

http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/

Student ID:    SLAE-1115

Github Repo: https://github.com/ihack4falafel/SLAE32/tree/master/Assignment%207
