Vulnerability Development mailing list archives
RE: AlphaNumeric Exploitation Help
From: "Stejerean, Cosmin" <cstejere () cs depaul edu>
Date: Thu, 26 May 2005 12:47:04 -0500
Here are some ideas that I have read about but never tested, although they might be worth exploring.

If you know the offset of your jmp instruction you might be able to get away with adding or subtracting from it to get the value you need.

You can also try an ASCII shellcode encoder such as the one at http://www.nologin.net/main.pl?action=codeView&codeId=40&

Let me know if any of the above work for you.

Cosmin

-----Original Message-----
From: ramatkal () hotmail com [mailto:ramatkal () hotmail com]
Sent: Thursday, May 26, 2005 6:38 AM
To: vuln-dev () securityfocus com
Subject: AlphaNumeric Exploitation Help

I am trying to exploit a vulnerable server which only allows alphanumeric characters.... I have successfully taken control of EIP and now need to do a JUMP -600 bytes.....

The problem is that 'eb' and 'e9' are not alphanumeric ASCII codes and thus cannot be used to do the jumps in the payload....

Anyone got any ideas/tricks/advice on how I can accomplish a JMP -600 bytes, or any type of jump for that matter, only using alphanumeric chars?

Thanks,
RaMatkal
Current thread:
- AlphaNumeric Exploitation Help ramatkal (May 26)
- Re: AlphaNumeric Exploitation Help KF (lists) (May 26)
- Re: AlphaNumeric Exploitation Help Felix Lindner (May 26)
- Re: AlphaNumeric Exploitation Help Costin Ionescu (May 27)
- <Possible follow-ups>
- RE: AlphaNumeric Exploitation Help Stejerean, Cosmin (May 26)
- Re: AlphaNumeric Exploitation Help 6d79676d61696c6163636f756e74 (May 26)