multi os/multi arch shellcode is just one way (a nice one, though) another way for a multi os/multi arch worm would be: - containing code for each os (or having the possibility to get the needed code via network connections etc) - fingerprinting the target system (udp, icmp, tcp) - injecting the right code in combination with c sourcecode (almost every unix has a "cc") and/or shellcode, perl a versatile worm can be created. further reading at: http://lcamtuf.na.export.pl/worm.txt (as it's slow you might to try google's cache: http://www.google.com/search?q=cache:lcamtuf.na.export.pl/worm.txt ) cheerz corecode At 07:27 PM 7/24/2001, Riley Hassell wrote: >With all the talk on multi OS shellcode and the possibility of >cross-platform worm infections I'd like to share a little research I've been >doing. > >-Riley #2 ;) > > >[ Multi OS Shellcode on common architecture ] > >Multi OS shellcode is very possible, I don't want to write the manual here >but here's a couple of quick ideas for everyone to ponder... <snip> >[ Multi OS Shellcode on unique architecture ] > >Writing shellcode to work across architectures is more difficult, and very >time consuming. Theoretically to develop Multi-OS/Multi-Arch shellcode, one >needs a "sampling engine" or a logical path that code can travel down and be >directed by it's CPU to the correct payload.
This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 11:48:14 PDT