Vulnerability Development mailing list archives
searching through the address space of a process
From: Franklin DeMatto <franklin.lists () qdefense com>
Date: Sun, 14 Oct 2001 00:32:10 -0400
Is there a way for a process (i.e., shellcode) to search through its address space (looking for a particular string, etc.)? I'm interested particularly in doing this under Windows, although Unix would be nice also. Can this be done without using any API/syscalls, just in assembly alone?
I can see to basic ways of doing it: 1) Determining the address space, and then searching it 2) Trying every block, but catching the gpf/segfault exceptions However, I do not know how to implement either one Franklin Franklin DeMatto Senior Analyst, qDefense Penetration Testing http://qDefense.com qDefense: Making Security Accessible
Current thread:
- searching through the address space of a process Franklin DeMatto (Oct 14)
- Re: searching through the address space of a process dullien (Oct 14)
- Re: searching through the address space of a process Gigi Sullivan (Oct 15)
- Re: searching through the address space of a process Gigi Sullivan (Oct 15)
- Re: searching through the address space of a process Enrique A. CompaƱ Gzz. (Oct 15)
- <Possible follow-ups>
- Re: searching through the address space of a process John Hillman (Oct 14)