Code examples? Check out the "Shellcode encoders" source codes on my webpage.

Cheers,
SkyLined

PS. please send any discussions on the paper in pm to [EMAIL PROTECTED] or #SkyLined on EFNet

----- Original Message -----
From: "Michael Vergoz" <[EMAIL PROTECTED]>
To: "Peter Willis" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; "Berend-Jan Wever" <[EMAIL PROTECTED]>
Sent: Thursday, November 18, 2004 09:04
Subject: [Full-Disclosure] Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops

> Hi,
>
> Nice paper.
> Some code examples should be great (I think).
> A question: what about false-disassembly into shellcode?
>
> like:
> mov eax, eax
> [...]
> jmp false
> db 0xAA
> [...]
> false:
> mov eax, 1
> int 0x80
> [...]
>
> mv
>
> On 17 nov. 04, at 23:00, Peter Willis wrote:
>
> > Hey, cool paper. Speaking of phrack, if in the future you have an
> > article you think is print-worthy but is rejected by most zines, try
> > sending it to Binary Revolution <[EMAIL PROTECTED]>. Although
> > they're newer and have had some delays in getting new issues out,
> > they're starting to re-focus on the magazine and the number of their
> > supporters is growing. Sorry if this comes off a little advertisey,
> > but hopefully if more people write in then BinRev can publish more
> > original articles about vulnerabilities which can then make it back
> > onto the web as sample articles.
> >
> > Berend-Jan Wever wrote:
> >
> >> Hi all,
> >>
> >> This one got rejected by phrack and I couldn't be arsed to rewrite it
> >> so it would make the next edition:
> >> "Writing IA32 Restricted Instruction Set Shellcode Decoder Loops" by
> >> SkyLined
> >> ( http://www.edup.tudelft.nl/~bjwever/whitepaper_shellcode.html )
> >>
> >> The article addresses the requirements for writing a shellcode
> >> decoder loop using a limited number of characters that limits our
> >> instruction set. Most of it is based on my experience with
> >> alphanumeric decoders but the principles apply to any piece of code
> >> that is written to work with a limited instruction set. (It's a
> >> continuation on rix's and obscou's work for phrack).
> >>
> >> Comments and questions welcome, but I can not guarantee an answer to
> >> n00b questions.
> >>
> >> Cheers,
> >> SkyLined
> >>
> >> http://www.edup.tudelft.nl/~bjwever
> >> <[EMAIL PROTECTED]>
> >>
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html