Vulnerability Development mailing list archives

shellcode -> asm?

From: "Sean Zadig" <seanzadig () hotmail com>
Date: Tue, 08 Oct 2002 12:12:21 -0700

Hi,

I'm doing some research into creating variants of common attacks, but I raninto a problem of sorts. For most of the attacks I have, the shellcodeconsists of the overflow and the actual malicious code that is run. I wantto be able to isolate the overflow from the rest of the shellcode and usethat to create attack variants. Problem is, I don't know where one ends andthe other begins! I figure if I turn the hex-encoded shellcode back intoassembly code, I could probably figure it out. I'm familiar with how to dothe reverse in gdb, but is it possible to do what I want? To restate:shellcode -> asm is what I need. If this is a simple thing, my apologies -but the security-basics list rejected my post =)

  -Sean Zadig

-----
Sean Zadig
Student, UC Davis
PGP Key ID: 0xDE44A79F
7EE1 C80A A0C1 B224 45CE  F74B 5835 0115 DE44 A79F


_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

Current thread:

shellcode -> asm? Sean Zadig (Oct 08)
- Re: shellcode -> asm? Eloy A. Paris (Oct 08)
- Re: shellcode -> asm? Stephen (Oct 08)
- Re: shellcode -> asm? Erik Sperling Johansen (Oct 08)
- Re: shellcode -> asm? Enrique A . Compañ Gzz . (Oct 08)
- RE: shellcode -> asm? Riley Hassell (Oct 08)
- Re: shellcode -> asm? Simon 'corecode' Schubert (Oct 09)
- Re: shellcode -> asm? Jedi/Sector One (Oct 10)
  - Re: shellcode -> asm? Paweł Krawczyk (Oct 14)
- <Possible follow-ups>
- RE: shellcode -> asm? Sean Zadig (Oct 09)
- Re: shellcode -> asm? stallman (Oct 24)

(Thread continues...)