Vulnerability Development mailing list archives
Re: Another new worm??? (technical)
From: pierre () DATARESCUE COM (Pierre Vandevenne)
Date: Fri, 23 Jun 2000 23:43:07 +0200
On Fri, 23 Jun 2000 13:56:53 -0700 (PDT), Max Vision wrote:
I really don't have time to get into this, but I need to at least clarify that I was *not* talking about an after-the-fact insertion of NOPs, I was talking about having code enginered from the start. Offsets, byte/word boundaries, etc are not an issue at the level that I was refering to :)
OK I see - but that really has been explored inside out and is extremely easy to handle (in terms of detection). See for example this virus ( yeah, I am biased ;-) ) http://www.europe.f-secure.com/v-descs/bombtrac.htm I have a suggestion - if there is anyone interested in those polymorphic techniques e-mail me directly - assembly routines and the history of polymorphism might be a bit heavy for this list... --- http://www.datarescue.com/idabase/ida.htm IDA Pro 4.1 - Yes, we have done it again !
Current thread:
- Re: Another new worm??? (long), (continued)
- Re: Another new worm??? (long) Pierre Vandevenne (Jun 21)
- Re: Another new worm??? Joe Gee (Jun 20)
- Re: Another new worm??? Dan Schrader (Jun 21)
- Re: Another new worm??? Bennett Todd (Jun 21)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 22)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Max Vision (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Max Vision (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? Bennett Todd (Jun 21)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Capturing System Calls Green Charles Contr AFRL/IFGB (Jun 22)
- Re: Capturing System Calls Christofer C. Bell (Jun 22)
- Re: Capturing System Calls Steve Mosher (Jun 22)
- Re: Capturing System Calls Chon-Chon Tang (Jun 22)
- Re: Capturing System Calls Jonathan Leto (Jun 22)
- Re: Capturing System Calls Michal Zalewski (Jun 22)
- Re: Capturing System Calls Ryan Permeh (Jun 22)
- Re: Capturing System Calls Pavel Kankovsky (Jun 22)