Vulnerability Development mailing list archives
Re: Shellcode from ASCII
From: "Berend-Jan Wever" <SkyLined () edup tudelft nl>
Date: Wed, 25 Jun 2003 18:47:44 +0200
Yeah, I am writing a shellcode encoder that does just that, first tests proved it worked. The result will be twice as big as the origional shellcode and a ~150 bytes decoder has to be added. It's very beta atm. so I'm not sharing the code yet... I'll post something when I'm done testing. Let me know if you're interested in working with me on this. Also there was an article in phrack about this: http://www.phrack.org/show.php?p=57&a=15 It's a very usefull resource and includes source for a program that can encode your shellcode too. Berend-Jan Wever ----- Original Message ----- From: "martin rakhmanoff" <jimmers () yandex ru> To: <vuln-dev () securityfocus com> Sent: Wednesday, June 25, 2003 12:09 Subject: Shellcode from ASCII
Hello Usually when coding exploits one needs to escape null bytes in shellcode. To do this XOR is often used. My question is: is it possible to escape not only null bytes but also non-ascii bytes? In other words is it possible to have shellcode (for Windows 2000/XP/2003) that consists of bytes with codes 0x21-0x7e? Thanks Martin
Current thread:
- Shellcode from ASCII martin rakhmanoff (Jun 25)
- Re: Shellcode from ASCII Berend-Jan Wever (Jun 25)
- Re: Shellcode from ASCII Jose Ronnick (Jun 26)
- GetPC code (was: Shellcode from ASCII) Gerardo Richarte (Jun 26)
- Re: GetPC code (was: Shellcode from ASCII) Roland Postle (Jun 26)
- Re: GetPC code (was: Shellcode from ASCII) Gerardo Richarte (Jun 26)
- Re: GetPC code (was: Shellcode from ASCII) Roland Postle (Jun 26)
- Re: GetPC code (was: Shellcode from ASCII) Berend-Jan Wever (Jun 27)
- Re: GetPC code (was: Shellcode from ASCII) Roland Postle (Jun 26)
- Re: Shellcode from ASCII Gerardo Richarte (Jun 26)
- Re: Shellcode from ASCII Berend-Jan Wever (Jun 25)