What we mean by NOPs generator and payload encoders

[deepsa at fedoraproject.org (Deependra Singh Shekhawat)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Thanks both of you for your replies. I am reading the links given by you
and have ordered the Gray Hat Hacking book too.

:)

Thanks


natron wrote:
> The two following books have well written sections on exploitation of
> buffer overflows, etc:
>
> Gray Hat Hacking, 2nd Edition
> http://www.amazon.com/Gray-Hacking-Second-Shon-Harris/dp/0071495681
>
> Hacking: The Art of Exploitation, 2nd Edition
> http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
>
> -n
>
> On Fri, Apr 10, 2009 at 9:20 AM, MaXe <metafan at intern0t.net> wrote:
> > Deependra Singh Shekhawat wrote:
> Hello guys,
>
> Started with metasploit few weeks back. Still learning and reading about
> it. While reading about the architecture of metasploit I came across NOP
> generators.
>
> Now I have found that these are no operation generators (correct me if I
> am wrong) used to let the exploit get un-detected from IDS.
>
> Can some one please elaborate more on NOPs and how they are generated as
> well as how one can use them in creating one's own exploit or porting
> any existing exploit to the metasploit framework ?
>
>
> Also I have one doubt about Encoders , I read that encoders are used to
> encode the payloads and probably they get decoded at the target machine,
> can you please explain how this process happens and what basically
> triggers this ?
>
> Thanks for the great stuff , guys . Really appreciate it as I read more
> about it.
>
> ~jeevanullas
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
> > >
> > A good way to learn more about NOP Generators and also get more information
> > about NOP sledges is to read about Buffer Overflows! :-)
> > http://en.wikipedia.org/wiki/Buffer_overflow
> > Of course there are many other good resources and i guess even one from here
> > could explain how it works as well though shortly said it's used to make
> > sure you will execute your payload :-) Stability for payloads is also
> > another phrase that could fit. It's simply due to different kinds of systems
> > may not execute an exploit 100% the same, so we add NOP sledges / slides :-D
> >
> > About encoding and decoding payloads which is a bit more tough, there are a
> > few resources on Wikipedia which elaborates about Polymorphic Code:
> > http://en.wikipedia.org/wiki/Polymorphic_code
> > Of course there are other ways to encode a payload and my knowledge about
> > this topic doesn't go that far, except that there is an encoded section and
> > a section with a "decryption key". There is another "concept" which is
> > called Mutating Code, that's something that is quite interesting as well ;-)
> >
> > I hope i answered your questions sufficiently. I might be a little wrong,
> > but not totally though i must admit that Polymorphic Code doesn't have much
> > to do with Metasploit, not sure..
> >
> >
> > Best Regards,
> > MaXe
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework

~jeevanullas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknh2jUACgkQ1Vvz8Eg7I0xwQgCggwGLxBo5HHcic8lXFYaU9hK5
oeMAniAdzVbTH84S6rRsdVTYgB7nACe+
=N66A
-----END PGP SIGNATURE-----