Also, check out http://www.phiral.com/research/dissembler.html

On Wed, 25 Jun 2003 18:47:44 +0200
"Berend-Jan Wever" <SkyLinedat_private> wrote:

> Yeah, I am writing a shellcode encoder that does just that, first tests
> proved it worked. The result will be twice as big as the original shellcode
> and a ~150 bytes decoder has to be added.
> It's very beta atm. so I'm not sharing the code yet... I'll post something
> when I'm done testing. Let me know if you're interested in working with me
> on this.
>
> Also there was an article in phrack about this:
> http://www.phrack.org/show.php?p=57&a=15
> It's a very useful resource and includes source for a program that can
> encode your shellcode too.
>
> Berend-Jan Wever
>
> ----- Original Message -----
> From: "martin rakhmanoff" <jimmersat_private>
> To: <vuln-devat_private>
> Sent: Wednesday, June 25, 2003 12:09
> Subject: Shellcode from ASCII
>
>
> > Hello
> >
> > Usually when coding exploits one needs to escape null bytes in shellcode.
> > To do this XOR is often used. My question is: is it possible to escape not
> > only null bytes but also non-ascii bytes?
> > In other words is it possible to have shellcode (for Windows 2000/XP/2003)
> > that consists of bytes with codes 0x21-0x7e?
> >
> > Thanks
> > Martin

--
%JOSE_RONNICK%50,:-dddd-0EEb-pVVyP\-1111-jjjj-yNNN-_4HUP-qq0q-02%r-_Z%JP-%Iwp-5kyyP-n5nn-aTTa-1271P-4ttt-/888-3tSMP-bbnb-L8wL-kMwgP-3Hy3-rqzWP-m%m8-h4x--v%r5P-S7S7-g7g7-F2u2PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP
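A detection-side view of the question in this thread, added here as an example and not code from any poster or from the tools linked above: a filter that only rejects bytes outside 0x21-0x7e does not stop code that was encoded into that range, but such strings have a recognisable shape, as the signature above shows. On x86, `-` (0x2D) is `sub eax, imm32` and `P` (0x50) is `push eax`, so the sketch below flags a fully printable field dominated by runs of `-XXXX` groups closed by `P`. The function names, thresholds and sample strings are assumptions constructed for illustration.

```python
import re

PRINTABLE_LO, PRINTABLE_HI = 0x21, 0x7E  # byte range asked about in the thread

# Two or more 5-byte "-XXXX" groups closed by "P": on x86 this reads as
# repeated "sub eax, imm32" followed by "push eax".
SUB_PUSH = re.compile(rb"(?:-[\x21-\x7e]{4}){2,}P")


def printable_ratio(buf: bytes) -> float:
    """Fraction of bytes that fall inside 0x21-0x7e."""
    if not buf:
        return 0.0
    return sum(PRINTABLE_LO <= b <= PRINTABLE_HI for b in buf) / len(buf)


def sub_push_coverage(buf: bytes):
    """Return (number of sub/push runs, fraction of the buffer they cover)."""
    matches = list(SUB_PUSH.finditer(buf))
    covered = sum(m.end() - m.start() for m in matches)
    return len(matches), (covered / len(buf) if buf else 0.0)


def looks_like_ascii_encoded_code(buf: bytes, min_groups: int = 4,
                                  min_coverage: float = 0.5) -> bool:
    """Heuristic for one input field; thresholds are assumed, tune on real data."""
    groups, coverage = sub_push_coverage(buf)
    return (printable_ratio(buf) == 1.0
            and groups >= min_groups
            and coverage >= min_coverage)


# Constructed samples (filler letters only, same layout as the signature string).
SAMPLE_ENCODED = (b"%AAAA%BBBB-aaaa-bbbb-ccccP-dddd-eeeeP"
                  b"-ffff-gggg-hhhhP-iiii-jjjjP")
SAMPLE_BENIGN = b"Usually-when-coding-exploits-one-needs-to-escape-null-bytes"

if __name__ == "__main__":
    for name, buf in (("encoded", SAMPLE_ENCODED), ("benign", SAMPLE_BENIGN)):
        print(name, sub_push_coverage(buf), looks_like_ascii_encoded_code(buf))
```

Ordinary hyphenated text rarely lines up into consecutive 5-byte groups ending in `P`, which is why the benign sample scores zero runs; the check is a triage signal for a single field, not proof that the content is executable.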
This archive was generated by hypermail 2b30 : Thu Jun 26 2003 - 09:07:51 PDT