Shellcode encoders are useful for adapting existing shellcode to certain restrictions, usually to avoid so-called bad characters (e.g. NULL bytes), i.e. certain byte values that lead to undesirable side effects in the target. The Metasploit framework (msf) includes several shellcode encoders for various CPU architectures. For ARM (armle, armbe, aarch64), one of the most common CPU architectures in embedded and IoT devices, such an encoder is missing.

Objectives

The aim of the work is to create an ARM shellcode encoder module for the Metasploit framework. The encoder should be as generic as possible and be able to avoid a configurable set of bad characters.
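The bad-character restriction from the introduction and the "configurable set" requirement above are most easily pinned down by a check that an encoder's output must pass. The following is an added example written for this page, not code from the proposal or from Metasploit; it scans a constructed byte buffer for forbidden bytes, as a module's test would, and also checks the 4-byte word alignment that ARM (A32) code needs.

```ruby
# Added example (not part of the thesis proposal or of Metasploit):
# a bad-character checker of the kind an encoder module's tests need.
# Inputs follow the convention Metasploit uses: a binary String for
# the payload and a binary String listing the forbidden byte values.

# Returns [offset, byte] pairs for every forbidden byte found in buf.
# An empty list means the buffer satisfies the restriction.
def find_bad_chars(buf, badchars)
  bad = badchars.bytes
  hits = []
  buf.each_byte.with_index do |b, i|
    hits << [i, b] if bad.include?(b)
  end
  hits
end

# ARM (A32) instructions are 4-byte words, so a decoder stub plus the
# encoded payload must stay word aligned. This catches an encoder that
# emits a buffer whose length is not a multiple of 4.
def word_aligned?(buf)
  (buf.bytesize % 4).zero?
end

# Human-readable report using \xNN notation for each offending byte.
def report(buf, badchars)
  hits = find_bad_chars(buf, badchars)
  return "ok: no bad characters in #{buf.bytesize} bytes" if hits.empty?
  hits.map { |off, b| format("offset %d: \\x%02x", off, b) }.join("\n")
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: not real shellcode, just bytes that contain a
  # NULL, a line feed and a carriage return at known offsets.
  sample = "\x41\x42\x00\x43\x0a\x44\x45\x0d".b
  puts report(sample, "\x00\x0a\x0d".b)
  puts "word aligned: #{word_aligned?(sample)}"
end
```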

Depending on the type of thesis (bachelor thesis, master thesis) the scope can be adapted. Topics such as polymorphic shellcode encoders and integration of target-specific encryption offer the opportunity to expand the topic.

Requirements

  • Good understanding of ARM assembly.
  • Knowledge of binary exploitation on Linux operating systems.
  • Experience in reverse engineering.
  • Knowledge of the Ruby scripting language, or willingness to learn the basics needed to develop a Metasploit module.
  • Willingness to learn the additional skills required.