Re: GetPC code (was: Shellcode from ASCII)

From: Roland Postle (mailat_private)
Date: Thu Jun 26 2003 - 13:28:40 PDT

Next message: Hyperion: "Starting on Assembly under win32"

Previous message: Gerardo Richarte: "Re: GetPC code (was: Shellcode from ASCII)"
In reply to: Roland Postle: "Re: GetPC code (was: Shellcode from ASCII)"
Next in thread: Berend-Jan Wever: "Re: GetPC code (was: Shellcode from ASCII)"
Next in thread: Gerardo Richarte: "Re: Shellcode from ASCII"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 26 Jun 2003 20:40:30 +0100, Roland Postle wrote:

>B9 D0FEFD7F    MOV ECX,7FFDFED0
>8B01           MOV EAX,DWORD PTR DS:[ECX]
>C701 5B53C341  MOV DWORD PTR DS:[ECX],41C3535B
>E8 D8DFBD7F    CALL 7FFDFED0
>8901           MOV DWORD PTR DS:[ECX],EAX

Oops, as Gera just pointed out to me I used a relative call in my
haste. I intended to use the absolute call (opcode 9A), only Olly
didn't compile it how I wanted. However the problem with that is that
you need to specify the segment, and on windows at least, the only
usuable one contains a null (0x001B). Perhaps there are systems where
it'll work, but for NT I'll have to keep thinking :)

- Blazde

Next message: Hyperion: "Starting on Assembly under win32"
Previous message: Gerardo Richarte: "Re: GetPC code (was: Shellcode from ASCII)"
In reply to: Roland Postle: "Re: GetPC code (was: Shellcode from ASCII)"
Next in thread: Berend-Jan Wever: "Re: GetPC code (was: Shellcode from ASCII)"
Next in thread: Gerardo Richarte: "Re: Shellcode from ASCII"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jun 26 2003 - 15:39:50 PDT