Re: Shellcode from ASCII

From: Berend-Jan Wever (SkyLinedat_private)
Date: Wed Jun 25 2003 - 09:47:44 PDT

    Yeah, I am writing a shellcode encoder that does just that, first tests
    proved it worked. The result will be twice as big as the original shellcode
    and a ~150 bytes decoder has to be added.
    It's very beta atm. so I'm not sharing the code yet... I'll post something
    when I'm done testing. Let me know if you're interested in working with me
    on this.
    
    Also there was an article in phrack about this:
    http://www.phrack.org/show.php?p=57&a=15
    It's a very useful resource and includes source for a program that can
    encode your shellcode too.
    
    Berend-Jan Wever
    
    ----- Original Message ----- 
    From: "martin rakhmanoff" <jimmersat_private>
    To: <vuln-devat_private>
    Sent: Wednesday, June 25, 2003 12:09
    Subject: Shellcode from ASCII
    
    
    > Hello
    >
    > Usually when coding exploits one needs to escape null bytes in shellcode.
    > To do this XOR is often used. My question is: is it possible to escape not
    > only null bytes but also non-ascii bytes?
    > In other words is it possible to have shellcode (for Windows 2000/XP/2003)
    > that consists of bytes with codes 0x21-0x7e?
    >
    > Thanks
    > Martin
    



    This archive was generated by hypermail 2b30 : Wed Jun 25 2003 - 12:02:41 PDT