Hosting Provided By

Re: shellcode with standard characters

From: Jose Ronnick <matrix(at)phiral.com>
Date: Thu Jun 12 2003 - 20:04:38 EDT

On Thu, 12 Jun 2003 11:20:00 +0200
JohnnyRun <gianni79@gamebox.net> wrote:

> Hi!
> This is my first post and I'm looking for some documentation.
> A friend of mine has produced a segfault with malloc vulnerability on an
> application.
> We would like to produce something more interesting.
> The field overflowed can accept only characters between 0 and 128. Any
> other character is replaced with a whitespace.
>
> Can we inject shellcode with only this characters avaible?
> Can you suggest me documentation about shellcode writing?

Several months I wrote a tool called dissembler, which can convert an existing piece of shellcode into printable ASCII shellcode.. this should help you with your exploitation...

http://www.phiral.com/research/dissembler.html

Hope this helps..

-- 
%JOSE_RONNICK%50,:-dddd-0EEb-pVVyP\-1111-jjjj-yNNN-_4HUP-qq0q-02%r-_Z%JP-%Iwp-5kyyP-n5nn-aTTa-1271P-4ttt-/888-3tSMP-bbnb-L8wL-kMwgP-3Hy3-rqzWP-m%m8-h4x--v%r5P-S7S7-g7g7-F2u2PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP

application/pgp-signature attachment: stored

Received on Thu Jun 12 21:44:09 2003

This message: [ Message body ]
Next message: steve(at)uk.intasys.com: "Re: shellcode with standard characters"
Previous message: sin: "Re: shellcode with standard characters"
In reply to: JohnnyRun: "shellcode with standard characters"
Next in thread: steve(at)uk.intasys.com: "Re: shellcode with standard characters"
Reply: steve(at)uk.intasys.com: "Re: shellcode with standard characters"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT

Do you need help?