Vulnerability Development mailing list archives
Re: ascii decoder
From: Slawek <sgp () TELSATGP COM PL>
Date: Tue, 10 Oct 2000 09:52:21 +0200
Tuesday, October 10, 2000 12:08 AM +0200, Ryan Yagatich wrote:
<< can be put into hostname .. hostname is limited to 255 chars?>> 63
rfc 1123 "Requirements for Internet Hosts -- Application and Support"

    2. GENERAL ISSUES
    2.1 Host Names and Numbers
    [...]
    Host software MUST handle host names of up to 63 characters and
    SHOULD handle host names of up to 255 characters.
    [...]

rfc 1035 "DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION"

    2. INTRODUCTION
    2.3. Conventions
    2.3.4. Size limits
    Various objects and parameters in the DNS have size limits. They are
    listed below. Some could be easily changed, others are more fundamental.

    labels          63 octets or less
    names           255 octets or less
    TTL             positive values of a signed 32 bit number.
    UDP messages    512 octets or less

So now I'm basing this on the RFC, not on my thoughts ;)

Host names are in fact limited to 255 chars, *but* each label (between dots) is limited to 63 chars.

There's only a little change to be done in the decoder in order to allow dots to be placed in the encoded shell code.

old version:

    34 30     - xor al,030h
    38 41 32  - cmp [ecx+032h],al
    72 53     - jb decodeloop

new version:

    34 2d     - xor al,02dh
    38 41 32  - cmp [ecx+032h],al
    72 53     - jb decodeloop

Now the end mark is "-", not the dot, and a dot can be placed in the encoded shell code from "time to time" (at least once per 64 chars).

We can easily do that by using the pair { 0x2e, 0x4b }, which after decode will give us 0x2e * 0x30 + 0x4b = 0x8eb

0xeb is the machine code of "jmps", which can be followed by "0x00" .. and just do nothing ;)

Well .. so our encoder needs to be modified to encode 0xeb as { 0x2e, 0x4b } instead of the "normal" encoding, and we need to remember to place "jmps" at least once per 32 bytes of shell code (first time somewhere close to the start).

Instead of the closing dot we now put ("-a.")

And this should be working ;) .. so again .. I'm waiting for comments ;)

Bye,
Slawek
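Added example, not part of the original post: a defensive check that applies the RFC 1035 size limits quoted above (63-octet labels, 255-octet names) plus the letter/digit/hyphen host name syntax before a resolver-supplied name is copied into a fixed buffer. The names check_hostname, copy_hostname and the enum values are hypothetical, chosen for this illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MAX_LABEL 63   /* RFC 1035 2.3.4: labels 63 octets or less */
#define MAX_NAME  255  /* RFC 1035 2.3.4: names 255 octets or less */

enum host_check { HOST_OK = 0, HOST_TOO_LONG, HOST_LABEL_TOO_LONG,
                  HOST_EMPTY_LABEL, HOST_BAD_CHAR };

/* Validate `len` bytes of an untrusted name (e.g. a reverse-lookup result).
 * The length is passed explicitly so the input need not be NUL-terminated. */
enum host_check check_hostname(const char *name, size_t len)
{
    size_t i, label_len = 0;

    if (len == 0) return HOST_EMPTY_LABEL;
    if (len > MAX_NAME) return HOST_TOO_LONG;
    if (name[len - 1] == '.') len--;          /* allow one trailing root dot */
    if (len == 0) return HOST_EMPTY_LABEL;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {                       /* label boundary */
            if (label_len == 0) return HOST_EMPTY_LABEL;
            label_len = 0;
            continue;
        }
        /* letters, digits and hyphen only; reject 8-bit and control bytes */
        if (!(c < 0x80 && isalnum(c)) && c != '-') return HOST_BAD_CHAR;
        if (++label_len > MAX_LABEL) return HOST_LABEL_TOO_LONG;
    }
    return label_len == 0 ? HOST_EMPTY_LABEL : HOST_OK;
}

/* Copy only a validated name; returns 0 on success, -1 if the name is
 * rejected or does not fit in dst together with its terminating NUL. */
int copy_hostname(char *dst, size_t dst_size, const char *name, size_t len)
{
    if (check_hostname(name, len) != HOST_OK || len >= dst_size) return -1;
    memcpy(dst, name, len);
    dst[len] = '\0';
    return 0;
}
```

Passing the syntax check says nothing about whether the name is trustworthy, so the explicit bound in copy_hostname is what protects the destination buffer.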