On Thu, 12 Jun 2003 11:20:00 +0200 JohnnyRun <gianni79at_private> wrote: > Hi! > This is my first post and I'm looking for some documentation. > A friend of mine has produced a segfault with malloc vulnerability on an > application. > We would like to produce something more interesting. > The field overflowed can accept only characters between 0 and 128. Any > other character is replaced with a whitespace. > > Can we inject shellcode with only this characters avaible? > Can you suggest me documentation about shellcode writing? Several months I wrote a tool called dissembler, which can convert an existing piece of shellcode into printable ASCII shellcode.. this should help you with your exploitation... http://www.phiral.com/research/dissembler.html Hope this helps.. -- %JOSE_RONNICK%50,:-dddd-0EEb-pVVyP\-1111-jjjj-yNNN-_4HUP-qq0q-02%r-_Z%JP-%Iwp-5kyyP-n5nn-aTTa-1271P-4ttt-/888-3tSMP-bbnb-L8wL-kMwgP-3Hy3-rqzWP-m%m8-h4x--v%r5P-S7S7-g7g7-F2u2PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP
This archive was generated by hypermail 2b30 : Thu Jun 12 2003 - 18:35:06 PDT