Dailydave mailing list archives
multistage shellcode
From: "wirepair" <wirepair () roguemail net>
Date: Sun, 01 Aug 2004 11:27:03 -0800
lo all, so playing around with multi stage shellcode I ran into a bit of a problem where the egg was found in memory but the rest of the shellcode got mangled, obviously this will not do as once we jmp to that address Bad Things Happen. So I started thinking of adding a checksum of the sc to verify it hadn't been munged or incomplete. After implementing a crc check (thanks to my friend galt who wrote the c code so I could xlate) I found it to be rather large and well just not well suited for multistage purposes (we need 1st stage as small as possible.) So instead I implemented a 25 byte check to verify the final dword is part of the sc. If not continue searching... has anyone else attempted this type of check? and if so, anything smaller than 25 bytes???
thanks,
-wire