Hi, I'm doing some research into creating variants of common attacks, but I ran into a problem of sorts. For most of the attacks I have, the shellcode consists of the overflow and the actual malicious code that is run. I want to be able to isolate the overflow from the rest of the shellcode and use that to create attack variants. Problem is, I don't know where one ends and the other begins! I figure if I turn the hex-encoded shellcode back into assembly code, I could probably figure it out. I'm familiar with how to do the reverse in gdb, but is it possible to do what I want? To restate: shellcode -> asm is what I need. If this is a simple thing, my apologies - but the security-basics list rejected my post =) -Sean Zadig ----- Sean Zadig Student, UC Davis PGP Key ID: 0xDE44A79F 7EE1 C80A A0C1 B224 45CE F74B 5835 0115 DE44 A79F _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com
This archive was generated by hypermail 2b30 : Tue Oct 08 2002 - 13:03:36 PDT