Vulnerability Development mailing list archives
Re: AlphaNumeric Exploitation Help
From: <6d79676d61696c6163636f756e74 () gmail com>
Date: 26 May 2005 20:16:28 -0000
In-Reply-To: <20050526113825.537.qmail () www securityfocus com>

read this: http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027147.html

=======================
void Encode2AlnumUsage()
{
    fprintf(stderr, ENC2ALNUM_COPYRIGHT);
    fprintf(stderr, "ERROR in Encode2Alnum (invalid input_reg)\n\n");
    fprintf(stderr, "input_reg must be one of the following:\n");
    fprintf(stderr, " reg = the register points to the shellcode\n");
    fprintf(stderr, "\tSupported registers are eax, ebx, ecx, edx, esi, edi, ebp, esp\n");
    fprintf(stderr, " [reg] = reg points to a pointer to the shellcode\n");
    fprintf(stderr, "\tSupported registers are the same as above\n");
    fprintf(stderr, " reg+X\n");
    fprintf(stderr, " reg-x\n");
    fprintf(stderr, " [reg+X]\n");
    fprintf(stderr, " [reg-x]\n\n\n");
    fprintf(stderr, "\tenc2alnum [eax]\n");
    fprintf(stderr, "Example - Assumes ecx-8 is the shellcode address:\n");
    fprintf(stderr, "\tenc2alnum ecx-8\n");
}
================
From: <ramatkal () hotmail com>
To: vuln-dev () securityfocus com
Date: 26 May 2005 11:38:25 -0000
Message-ID: <20050526113825.537.qmail () www securityfocus com>
Subject: AlphaNumeric Exploitation Help

I am trying to exploit a vulnerable server which only allows alphanumeric characters....

I have successfully taken control of EIP and now need to do a JUMP -600 bytes.....

The problem is that 'eb' and 'e9' are not alphanumeric ASCII codes and thus cannot be used to do the jumps in the payload....

Anyone got any ideas/tricks/advice on how I can accomplish a JMP -600 bytes, or any type of jump for that matter, only using alphanumeric chars?

Thanks,
RaMatkal