Vulnerability Development mailing list archives
Re: Shell code -RVA techniques or something similar
From: Enrique A. Compañ Gzz. <enrique () virtekweb net>
Date: Thu, 3 Oct 2002 10:47:01 +0200
Some time ago I created a shellcode that doesn't use any hardcoded address, it looks in the process for them... I posted it here, but I have to find it.

My advice is to look into virii coding tutorials... There're good tutorials around this and other very interesting subjects. Also look for a PE format reference/tutorial. Look for 29a magazine and also at vx.netlux.org

Regards

----- Original Message -----
From: "Gary O'leary-Steele" <garyo () sec-1 com>
To: <pen-test () securityfocus com>
Cc: <vuln-dev () securityfocus com>
Sent: Thursday, September 26, 2002 4:54 PM
Subject: Shell code -RVA techniques or something similar

Hi,

I am looking for documentation/tutorial on writing shell code for Windows. Specifically using RVA techniques or something similar to make my shell code service pack independent.

The problem I am experiencing is that all the exploits I have written in the past use fixed addresses within Kernel32.dll such as the offset for winexec or loadlibrarya and getprocaddress. Therefore a variation in service pack etc causes my exploit to fail.

Thanks in advance.

Kind Regards,
Gary