Payload Encoders

Payload encoders provide the utility of obfuscating the exploit's payload while it is in transit. Once the payload has reached its target, the payload is decoded prior to execution on the target system. This allows the payload to bypass various controls and restrictions of the type mentioned previously while still remaining in an executable form. In general, an exploit's payload will be encoded prior to packaging in the exploit itself and what is known as a decoder stub will be prepended to the encoded payload which produces a new, slightly larger payload. This new payload is then packaged within the exploit in favor of the original.

• Encoder
• Decoder Stub
• Example: Metasploit Alpha2 Alphanumeric Mixedcase Encoder (x86)
• Keyed Encoders