Snort mailing list archives

Re: OT: Tool to Decode shellcode?

From: Dragos Ruiu <dr () kyx net>
Date: Sun, 8 Jul 2001 23:42:05 -0700

On Sun, 08 Jul 2001, Erek Adams wrote:

On Sat, 7 Jul 2001, Dragos Ruiu wrote:

Do you mean the dissasembled shellcode instructions or ascii as in snort -d
hexdumps?


Shellcode.  I'm looking for something that I can cut-n-paste the shellcode
from various exploits into and have it spit out what it will do.

That make sense or am I smokin crack?


That makes more sense... you are looking for something that will automatically
interperet the shellcode and describe what it is attacking...

Interesting idea, though I'm not aware of anything except a human security
expert that is able to provide this functionality at the current time...  Snort
sigs seem to be about as close as you get these days... :-)

cheers,
--dr

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

OT: Tool to Decode shellcode? Erek Adams (Jul 07)
- Re: OT: Tool to Decode shellcode? Dragos Ruiu (Jul 07)
  - Re: OT: Tool to Decode shellcode? Erek Adams (Jul 08)
    - Re: OT: Tool to Decode shellcode? Fyodor (Jul 08)
    - Re: OT: Tool to Decode shellcode? Steve Shockley (Jul 08)
    - Re: OT: Tool to Decode shellcode? Dragos Ruiu (Jul 08)