Metasploit mailing list archives
Re: Encoding Payloads
From: Jeffs <jeffs () speakeasy net>
Date: Wed, 10 Nov 2010 10:44:35 -0500
Very good question. I would also like to understand the process.

On 11/10/2010 10:32 AM, Tommy Elliott wrote:

Got a quick question that hopefully I can get some guidance with. Below is an excerpt from the Metasploit Free Ebook download about *_msfencode_*:

What Are Bad Characters?

Many applications perform some sort of filtering on the input they receive. For instance, a Web server might preprocess Unicode characters before they are sent on to the vulnerable piece of code. As a result, the payload might get modified and may not function as expected. Some characters also end up terminating strings, such as the NULL (0x00) byte. These must also be avoided.

To determine what characters are being pre-processed, a whole array of all possible characters could be sent, and it could then be determined which ones were modified. Another way to do this would be to make assumptions about the characters that that type of an application typically modifies and avoid using those.

My first question is with the first sentence. When it is stated you pass a whole array of all possible characters that can be sent, _how_ is it that you determine which ones were modified after the application has received them?

My second question is, believe it or not!, with the second sentence. Is there some kind of master list or more expedited way of making an assumption about what characters certain applications most likely modify/avoid? I understand that '0x00' is a NULL character but what other assumptions would normally be made?

If these questions involve lengthy answers that you think I may need more guidance than a single reply then please feel free to simply point me in the right direction! ;)

Thanks in advance,
Tommy

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Encoding Payloads Tommy Elliott (Nov 10)
- Re: Encoding Payloads Jeffs (Nov 10)
- Re: Encoding Payloads Tod Beardsley (Nov 10)
- Re: Encoding Payloads Joshua J. Drake (Nov 10)
- Re: Encoding Payloads Tommy Elliott (Nov 10)
- Re: Encoding Payloads Jeffs (Nov 10)