Full Disclosure mailing list archives
Re: PPC OSX Shellcode ASM
From: KF <dotslash () snosoft com>
Date: Tue, 02 Sep 2003 10:51:31 -0400
Nice paper... even though you reference Ghandi at the bottom you may wanna give specific credit to him for your null free technique...
;; Use the magic offset constant 268 because it makes the ;; instruction encodings null-byte free. addi r31, r31, 268+36 addi r3, r31, -268 ; r3 = path http://www.dopesquad.net/security/shellcode/ppc/execve_binsh.s And If I remember correctly that army.mil webserver is a m68k not ppc... -KF
llo there, Please find attached my paper on designing shellcodes on the PowerPc architecture. The paper outlines PowerPC architecture fundementals, and methods of deriving working shellcodes for the exploitation of vulnerabilities discovered on the OSX and Darwin Operating Systems. Very sorry if this considered OFF TOPIC please excuse. Kind Regards B-r00t.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- PPC OSX Shellcode ASM B-r00t (Sep 01)
- Re: PPC OSX Shellcode ASM KF (Sep 01)
- Re: PPC OSX Shellcode ASM Andrew Pinski (Sep 01)