Pigeon Feed
View unanswered posts | View active topics It is currently Tue Jan 16, 2018 10:56 am



Reply to topic  [ 2 posts ] 
 Metamorphic code 
Author Message
User avatar

Joined: Thu Mar 31, 2011 4:00 pm
Posts: 10071
Post Metamorphic code
In computer virus terms, metamorphic code is code that can reprogram itself. Often, it does this by translating its own code into a temporary representation, editing the temporary representation of itself, and then writing itself back to normal code again. This procedure is done with the virus itself, and thus also the metamorphic engine itself undergoes changes. This is used by some viruses when they are about to infect new files, and the result is that the "children" will never look like their "parents". The computer viruses that use this technique do this in order to avoid the pattern recognition of anti-virus software: the actual algorithm does not change, but everything else might.

While polymorphic viruses cipher their functional code to avoid pattern recognition, such a virus will still need to decipher the code - unmodified from infection to infection - in order to execute. Metamorphic viruses change their code to an equivalent one (i.e. a code doing essentially the same thing), so that a mutated virus never has the same executable code in memory (not even at runtime) as the original virus that constructed the mutation. This modification can be achieved using techniques like inserting NOP instructions (brute force), swapping registers, changing flow control with jumps or reordering independent instructions. Metamorphic code is usually more effective than polymorphic code. Unlike with polymorphic viruses, anti-virus products may not simply use emulation techniques to defeat metamorphism, since metamorphic code may never reveal code that remains constant from infection to infection.

Metamorphic code can also mean that a virus is capable of infecting executables from two or more different operating systems (such as Windows and GNU/Linux) or even different computer architectures. Often, the virus does this by carrying several viruses within itself. The beginning of the virus is then coded so that it translates to correct machine-code for all of the platforms that it is supposed to execute in. It is possible, in theory, for a metamorphic virus to rewrite the temporary representation of itself into another set of instructions, intended for another computer architecture. If one were used, the API may also have to be changed in the leap to a new platform.


Wed Mar 21, 2012 7:14 pm
Profile
Online
User avatar

Joined: Mon Apr 11, 2011 6:55 pm
Posts: 6494
Post Re: Metamorphic code
Pigeon, I need you to create a metamorphic code to make me into a super human being.

Pana, I need you to test this code on yourself.


Thu Mar 22, 2012 5:12 am
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 2 posts ] 

Who is online

Users browsing this forum: Royal and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.