Security Basics mailing list archives
re: What does the code mean?
From: "Schieber, Daniel" <daniel.schieber () comco de>
Date: Tue, 2 Nov 2004 10:59:36 +0100
Hi Mccoy, this is the standard header of an emf-file as the var-name suggests. You can use the printf function to see the ASCII-presentation of it. To learn more about this issue, have a look at the classic "Smashing the Stack for fun and profit" by Aleph One: http://www.packetstormsecurity.org/docs/hack/smashstack.txt There is a section that describes how a shellcode is built, which should explain your question thoroughly. The hex coding initialises an emf file followed by the "picture" itself. You might consider this as being nearly the same as opening an emf-file with a hex-editor. Greets, Dan -----Ursprüngliche Nachricht----- Von: McCoy [mailto:mccoymun () yahoo com sg] Gesendet: Freitag, 29. Oktober 2004 07:23 An: security-basics () securityfocus com Betreff: What does the code mean? Hi I have read the code http://www.k-otik.com/exploits/20041020.HOD-ms04032-emf-expl2.c.php but does not understand \x...... portion. An example: unsigned char emfheader[] = "\x01\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" May someone advise what does hex coding means? Any reference site for good explanation? Thank a million
Current thread:
- What does the code mean? McCoy (Nov 02)
- <Possible follow-ups>
- RE: What does the code mean? Stephane Auger (Nov 02)
- re: What does the code mean? Schieber, Daniel (Nov 02)