Vulnerability Development mailing list archives
Re: AMD Sledgehammer and ascii-only shellcode
From: Sebastian <scut () NB IN-BERLIN DE>
Date: Thu, 17 Aug 2000 19:24:59 +0200
Hi. On Wed, Aug 16, 2000 at 04:33:40AM +0200, Holger van Koll wrote:
AFAIK it´s still considered impossible to code shellcode using only ascii-data as commands like jmp, call are not within this range.
Well, it is possible to write ASCII only shellcode (I have seen an experimental 'a-Z' shellcode decoder), the problem is not the shellcode, but the data which cannot replaced in most cases: the return address. On most architectures/operating systems the return address has bytes that aren't within the 'a-Z' range, and hence couldn't be modified with a simple overwrite smash if the data is ASCII-filtered. ciao, scut -- - scut () nb in-berlin de - http://nb.in-berlin.de/scut/ --- you don't need a -- -- lot of people to be great, you need a few great to be the best ------------ http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07 -- data in VK/USA Mayfly experienced, awaiting transfer location, hi echelon -
Current thread:
- AMD Sledgehammer and ascii-only shellcode Holger van Koll (Aug 15)
- Re: AMD Sledgehammer and ascii-only shellcode Holger van Koll (Aug 15)
- Re: AMD Sledgehammer and ascii-only shellcode Sebastian (Aug 17)
- Re: AMD Sledgehammer and ascii-only shellcode Gerardo Richarte (Aug 17)
- Re: AMD Sledgehammer and ascii-only shellcode Jon Larimer (Aug 17)
- Re: AMD Sledgehammer and ascii-only shellcode Holger van Koll (Aug 15)