Which shellcode evasion method encodes the payload and uses a decoder to rewrite the shellcode on every transmission?



Explanation:
Polymorphic shellcode evasion relies on encoding or encrypting the payload and supplying a decoder that reconstructs the original shellcode at execution. Each delivery mutates both the encoded payload and the decoder so that the resulting byte sequence looks different every time, while the actual actions of the shellcode remain the same. This mutation helps defeat signature-based detection because there isn’t a fixed fingerprint to match across transmissions—the decoder rewrites the shellcode on each run, producing a fresh variant that still delivers the payload.

ASCII shellcodes encode data using printable ASCII characters to fit certain constraints, but they don’t inherently involve mutating a decoder to rewrite the payload on every transmission. Pre-Connection SYN and fragmentation are network-level evasion techniques aimed at bypassing defenses or splitting traffic, not specifically about encoding the payload with a runtime decoder that regenerates the shellcode on each delivery.
