Immunity, Inc. is pleased to announce the availability of makeunicode2.py - a Python program that will encode arbitrary x86 shellcode into a valid unicode string. This program is available from the BlackHat web site at http://www.blackhat.com/html/win-usa-03/win-usa-03-speakers.html#David%20Aitel (currently Immunity, Inc.'s website's DSL line is undergoing "repairs", and is unavailable until March 12th. Getting reliable business DSL service in NYC is like trying to get DSL service to the moon). Although encoding shellcode into a valid Unicode string may seem obscure, it allows the exploitation of a large segment of buffer overflow attacks, especially on Windows systems, previously thought to be "prohibitively difficult." makeunicode2.py was originally part of CANVAS, Immunity Inc's exploitation demonstration product, but is now released under the Gnu Public License (v2.0). Dave Aitel Marketing and Public Relations Director Immunity, Inc. 917-545-4742 http://www.immunitysec.com/ http://www.immunitysec.com/CANVAS/ (Above URLS will be available again after March 12th, 2003, if Verizon/Qwest is to be believed.) _________________________________________________________________ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
This archive was generated by hypermail 2b30 : Wed Feb 26 2003 - 14:22:34 PST