Vulnerability Development mailing list archives

Re: AMD Sledgehammer and ascii-only shellcode

From: Sebastian <scut () NB IN-BERLIN DE>
Date: Thu, 17 Aug 2000 19:24:59 +0200

Hi.

On Wed, Aug 16, 2000 at 04:33:40AM +0200, Holger van Koll wrote:

AFAIK it´s still considered impossible to code shellcode using only
ascii-data as commands like jmp, call are not within this range.


Well, it is possible to write ASCII only shellcode (I have seen an
experimental 'a-Z' shellcode decoder), the problem is not the shellcode,
but the data which cannot replaced in most cases: the return address.
On most architectures/operating systems the return address has bytes
that aren't within the 'a-Z' range, and hence couldn't be modified with
a simple overwrite smash if the data is ASCII-filtered.

ciao,
scut

--
- scut () nb in-berlin de - http://nb.in-berlin.de/scut/ --- you don't need a --
-- lot of people to be great, you need a few great to be the best ------------
http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
-- data in VK/USA Mayfly experienced, awaiting transfer location, hi echelon -

Current thread:

AMD Sledgehammer and ascii-only shellcode Holger van Koll (Aug 15)
- Re: AMD Sledgehammer and ascii-only shellcode Holger van Koll (Aug 15)
  - Re: AMD Sledgehammer and ascii-only shellcode Sebastian (Aug 17)
- Re: AMD Sledgehammer and ascii-only shellcode Gerardo Richarte (Aug 17)
  - Re: AMD Sledgehammer and ascii-only shellcode Jon Larimer (Aug 17)