Re: Shellcode jmp problem

["Karma" <steve () frij com>]

He is removing the nulls. A null character will look like the end of buffer
for the CPU.




----- Original Message ----- 
From: "Darragh O'Brien" <dobrien () computing dcu ie>
To: <security-basics () securityfocus com>
Sent: Friday, October 17, 2003 4:37 AM
Subject: Shellcode jmp problem


> Hi,
>
> I'm having trouble trying to recreate Aleph One's shellcode.
>
> My initial jmp generates 5 bytes \xe9\x19\x00\x00\x00 but
> Aleph One's jmp only generates two \xeb\x19 - I'd be
> grateful if someone could tell me where I'm going wrong.
>
> Thanks,
> Darragh
>
> --------------------------------------------------------------------------
-
> FREE Whitepaper: Better Management for Network Security
>
> Looking for a better way to manage your IP security?
> Learn how Solsoft can help you:
> - Ensure robust IP security through policy-based management
> - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> networks
> - Quickly respond to network events from a central console
>
> Download our FREE whitepaper at:
> http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
> --------------------------------------------------------------------------
--
>


---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------