v1.7:
06/02/2006 -
    - Again working on that stuff, finished the refinement of the decoders (now I have two versions of all the decoders), let's implement it...
    - Added a NOT decoder
    - Fixed getdecoder() to show when the decoder is not correctly implemented... I got this problem...

v1.6:
10/10/2005 -
    - Tks to Foxtrot for the corrected version of the en_US.h file
10/09/2005 -
    - Some code cleanup (decoders.h isn't used anymore) and ansi.h has been excluded
    - Added LICENSE file with the GPL License (copied from another open-source project, of course)
    - Ok, SCMorphism is now a project of RISE Research Group
    - Modified the structure of the decoders call
    - Fixed some other minor stuff (like many things in pt-br instead of English)
    - Added a CASE instruction instead of the lot of ifs in decoders.c
    - We have problems with some decoders (type 3, 10 and 11) -> Added to KNOW_BUGS
    - New files internationalized:
        - printing.c
        - shellcode.c
        - parseP.c

v1.5:
08/24/2005 - New files internationalized:
    - decoders.c
    - coding.c
    - identity.c
    - dojunk.c
    - main.c
    - parse.c
    - parseC.c
08/23/2005 - Reorganized the SCMorphism files structure:
    - added src/ directory
    - added includes/ directory
    - added languages/ directory (for internationalization)
    - added bin/ directory (for the generated binary)
    - added dist/ directory (for the generated .tar.gz with make version option)
08/23/2005 - Added internationalization structure
    - languages/en_US.h created
    - menu.c -> internationalized
    - _alpha.c -> internationalized
    - alpha.c -> internationalized
    - alphanops.c -> internationalized
    - blocks.c -> internationalized
    - convert.c -> internationalized
    - _decoders.c -> internationalized
    - conf.c -> internationalized
    - includes/language.h must contain the specified language
    - modified Docs/Developers.txt to contain the explanation about SCMorphism internationalization
03/01/2005 - Added another error function to print the message and exit
03/01/2005 - Fixed segfault when the varname or length isn't specified for files other than .c or .pl
02/26/2005 - Support for base64 encoding is in the -t option (I don't know why I used it with -B the first time...)
02/26/2005 - Added Alphanumeric Shellcode Compiler into the project (see p57-0x0f)
02/20/2005 - Added the file Developers.txt into Docs/ dir
02/17/2005 - Changes in Makefile (only need to update VERSION var in it, and the system will use it)
02/17/2005 - Included the option to save the result in an ENV var (-E option)
02/17/2005 - Part of rolw/rorw implementation is finished - See TODO
02/17/2005 - More readability improvements... all decoders now have #define directives to specify the decoder number (used in ifs and switch statements). Again: The code has been re-organized to be more readable and not more efficient.
02/17/2005 - Added support for the user to choose the rotate number (for both ror and rol operations)
02/17/2005 - Fixed the problem with inc decoder (the problem is with badchars test)
02/17/2005 - Added support for base64 encoding - See KNOW_BUGS
02/15/2005 - I'm out of Priv8 Security... I'm now at Seed Security (know more about this group at www.seedsecurity.com)
02/15/2005 - Ok, the code will be rewritten to be more readable... today I made some changes in the coding.c file (I created decoders.c to have the getdecoder function, _decoders.c to have all decoder functions and decoders.h to have all decoder definitions). Maybe it can use more memory than the old approach, but it will be really easy to understand.

v1.4:
12/23/2004 - Added dec decoder (can be used in the place of sub 1 decoder) - Tks ESC2 for the idea
12/23/2004 - Updated USAGE file
12/23/2004 - Added the Alphanumeric Random NOP Generation option (-A )
12/22/2004 - Added inc decoder (can be used in the place of add 1 decoder) - Tks ESC2 for the idea
12/22/2004 - Included option to choose in what shellcode the user will include the do not operations (encoded,original,both)
12/22/2004 - Included option to choose in what position the do nothing operations will be included in the shellcode (begin,middle) Tks Chris@segfault.net
12/22/2004 - Fixed a lot of error messages (to be more informative)
12/22/2004 - Added some features to be shown
12/22/2004 - Fixed minor bugs in junks generation
12/22/2004 - Ok, when I added the ADMmutate junks compatibility, I introduced problems using the -j option; by now, the problems are solved!
12/22/2004 - Fixed a lot of errors in argument parser
12/21/2004 - Added anti-ptrace tricks

v1.4beta:
11/17/2004 - Ok, the ADMmutate API is partially used in scmorphism!
11/17/2004 - Yeah, scmorphism now supports the same junks structure as the ADMmutate API
11/17/2004 - I have put the bit shift right and bit shift left decoders into scmorphism ( -t 8 || 9 )
11/17/2004 - I have put the shuffle decoder into scmorphism (-t 3)
11/15/2004 - Strider has finished the big rotate decoder, thanks!
11/15/2004 - I have finished the Shuffle decoder, thanks to Strider for the help! (I'm an idiot and can't see my own errors, he he he)

v1.3:
06/11/2004 - Ok, included the -j option. When the user uses -j 100 for example, the new shellcode will include 100 bytes of NOP operations. By now, these operations are at the beginning of the original shellcode.
06/10/2004 - Now, the option -n is deprecated
06/10/2004 - Included option to choose what number to do what operation ( -x for XOR operations, -u for SUB operations and -a for ADD operations). Warning: When you choose ADD Decoder, it performs SUB operations. And it's the same for the SUB Decoder.
06/10/2004 - Included XOR+ADD, SUB+XOR, XOR+SUB Decoders
06/07/2004 - Included ADD+XOR Decoder (first double pattern decoder in the tool)
06/02/2004 - Included information about the length of decoder, final encoded and shellcode
05/31/2004 - Finished Brazilian Portuguese translation of the HowItWorks.txt

v1.2:
05/30/2004 - Fixed PERL parser (it looks like the C parser)
05/30/2004 - Fixed the C parser when exist spaces between the var type and var name, like: char shellcode[]
05/29/2004 - Fixed the C parser when exist spaces before var declaration, like: char shellcode[]
05/29/2004 - Fixed the argument parser when the user know to load the shellcode from a file and doesn't specify the varname of the shellcode
05/29/2004 - Fixed Execute Function and Decoding Instructions are optimized
05/25/2004 - Added SCO x86 shellcode
05/25/2004 - Added HPUX Sparc shellcode
05/25/2004 - Added Irix Mips shellcode
05/25/2004 - Finished the text HowItWorks.txt
05/22/2004 - Implemented byte shift decoder. It doesn't work fine yet, see KNOW_BUGS
05/22/2004 - Fixed the argument parser when the user know to load the shellcode from a file and doesn't specify the length of the shellcode

v1.1:
05/20/2004 - All KNOW_BUGS errors are corrected... only the deficient parser remains
05/19/2004 - Most of ppl asked me about the encoded shellcode length. I used some "do nothing" instructions to evade DECODER signature from IDS. To avoid this kind of complaint, I included the -o (optimize) option. Use this option with care because it removes these instructions and makes decoder detection possible. In the future, I'll include the possibility to choose the "do nothing" length.
05/18/2004 - l33t Port Bind 6969 Shellcode for MacOS - Tks to wsxz
05/17/2004 - New parser for .c and .pl files gives more flexibility in shellcode declaration and supports comments after shellcode line (multiple line shellcodes)
05/17/2004 - Shellcodes reorganized