More sophisticated IDSs look for common shellcode signatures. But even these systems can be bypassed, by using polymorphic shellcode. This is a technique common among virus writers?it basically hides the true nature of the shellcode in different disguises.
How does a polymorphic shellcode work?
A . They encrypt the shellcode by XORing values over the shellcode, using loader code to decrypt the shellcode, and then executing the decrypted shellcode
B . They convert the shellcode into Unicode, using loader to convert back to machine code then executing them
C . They reverse the working instructions into opposite order by masking the IDS signatures
D . They compress shellcode into normal instructions, uncompress the shellcode using loader code and then executing the shellcode
Answer: A
Leave a Reply