Content deleted Content added
m sp |
m sp and fixing links |
||
Line 1:
In computer science (or more often, in computer underground terms)
This is often used by [[computer virus]]es and [[shellcode]] to keep their [[encryption|de/en-cryption-engines]] from being detected by [[anti virus software]] and [[Intrusion Detection Software]].
An algorithm that uses, for example, the variables A and B but not the variable C could stay intact even if you added lots of codes that changed the content in the variable C.
Line 52:
some_random_number
The code inside "Encrypted" could then search the code between Decryption_Code and [[CryptoKey]] and remove all the code that alters the variable C. Before the next time the encryption engine is used, it could input new
C-altering codes. Start:
Line 87 ⟶ 89:
some_random_number
The code above will decrypt the code inside "Encrypted" with a mutated crypto-engine. Then it will
If the code is trying to replicate itself (in the case of a [[computer worm]] or [[computer virus]]) it will need to encrypt the code inside "Encrypted" before it sends it away.
|