You might want to look at http://packetstormsecurity.nl/UNIX/misc/asc.c, which can generate ASCII shellcode from binary shellcode. Depending on the environment, a return to a libc jmp register may be feasible for you. Potentially, http://www.phrack.org/show.php?p=59&a=7 may be interesting to you, wrt jump codes. Then again, it may be straightforward ;)

> Hi!
> This is my first post and I'm looking for some documentation.
> A friend of mine has produced a segfault with a malloc vulnerability on
> an application.
> We would like to produce something more interesting.
> The field overflowed can accept only characters between 0 and 128. Any
> other character is replaced with a whitespace.
>
> Can we inject shellcode with only these characters available?
> Can you suggest documentation about shellcode writing?
>
> Thanks a lot
> JohnnyRun

This archive was generated by hypermail 2b30 : Thu Jun 12 2003 - 18:20:47 PDT