Vulnerability Development mailing list archives
Re: shellcode with standard characters
From: Jose Ronnick <matrix () phiral com>
Date: Thu, 12 Jun 2003 17:04:38 -0700
On Thu, 12 Jun 2003 11:20:00 +0200 JohnnyRun <gianni79 () gamebox net> wrote:
Hi! This is my first post and I'm looking for some documentation. A friend of mine has produced a segfault with malloc vulnerability on an application. We would like to produce something more interesting. The field overflowed can accept only characters between 0 and 128. Any other character is replaced with a whitespace. Can we inject shellcode with only this characters avaible? Can you suggest me documentation about shellcode writing?
Several months I wrote a tool called dissembler, which can convert an existing piece of shellcode into printable ASCII shellcode.. this should help you with your exploitation... http://www.phiral.com/research/dissembler.html Hope this helps.. -- %JOSE_RONNICK%50,:-dddd-0EEb-pVVyP\-1111-jjjj-yNNN-_4HUP-qq0q-02%r-_Z%JP-%Iwp-5kyyP-n5nn-aTTa-1271P-4ttt-/888-3tSMP-bbnb-L8wL-kMwgP-3Hy3-rqzWP-m%m8-h4x--v%r5P-S7S7-g7g7-F2u2PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP
Attachment:
_bin
Description:
Current thread:
- shellcode with standard characters JohnnyRun (Jun 12)
- Re: shellcode with standard characters andrewg (Jun 12)
- Re: shellcode with standard characters KF (Jun 12)
- Re: shellcode with standard characters sin (Jun 12)
- Re: shellcode with standard characters Jose Ronnick (Jun 12)
- Re: shellcode with standard characters steve (Jun 12)