lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <005c01c4cd6d$8f515d20$0100a8c0@grotedoos>
From: skylined at edup.tudelft.nl (Berend-Jan Wever)
Subject: Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops

Code examples ?
Check out the "Shellcode encoders" source codes on my webpage.

Cheers,
SkyLined

PS. please send any discussions on the paper in pm to skylined@...p.tudelft.nl or #SkyLined on EFNet

----- Original Message ----- 
From: "Michael Vergoz" <descript@...ureyourapache.com>
To: "Peter Willis" <psyphreak@...eaker.net>
Cc: <full-disclosure@...ts.netsys.com>; <vuln-dev@...urityfocus.com>; "Berend-Jan Wever" <skylined@...p.tudelft.nl>
Sent: Thursday, November 18, 2004 09:04
Subject: [Full-Disclosure] Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops


> Hi,
> 
> Nice paper.
> Some code examples should be great (i think).
> A question : what about false-disassembly into shellcode ?
> 
> like :
> mov eax, eax
> [...]
> jmp false
> db 0xAA
> [...]
> false:
> mov eax, 1
> int 0x80
> [...]
> 
> mv
> 
> On 17 nov. 04, at 23:00, Peter Willis wrote:
> 
> > Hey, cool paper. Speaking of phrack, if in the future you have an 
> > article you think is print-worthy but is rejected by most zines, try 
> > sending it to Binary Revolution <articles@...rev.com>. Although 
> > they're newer and have had some delays in getting new issues out, 
> > they're starting to re-focus on the magazine and the number of their 
> > supporters is growing. Sorry if this comes off a little advertisey, 
> > but hopefully if more people write in then BinRev can publish more 
> > original articles about vulnerabilities which can then make it back 
> > onto the web as sample articles.
> >
> > Berend-Jan Wever wrote:
> >
> >> Hi all,
> >>
> >> This one got rejected by phrack and I couldn't be arsed to rewrite it 
> >> so it would make the next edition:
> >> "Writing IA32 Restricted Instruction Set Shellcode Decoder Loops" by 
> >> SkyLined
> >> ( http://www.edup.tudelft.nl/~bjwever/whitepaper_shellcode.html )
> >>
> >> The article addresses the requirements for writing a shellcode 
> >> decoder loop using a limited number of characters that limits our 
> >> instruction set. Most of it is based on my experience with 
> >> alphanumeric decoders but the principles apply to any piece of code 
> >> that is written to work with a limited instruction set. (It's a 
> >> continuation on rix's and obscou's work for phrack).
> >>
> >> Comments and questions welcome, but I can not guarantee an answer to 
> >> n00b questions.
> >>
> >> Cheers,
> >> SkyLined
> >>
> >> http://www.edup.tudelft.nl/~bjwever
> >> <skylined@...p.tudelft.nl>
> >>
> >>
> >>
> >
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ