programmers resources
  http://www.intel-assembler.it/  (c)2017 intel-assembler.it   info@intel-assembler.it
 
Search :  
Lingua Italiana    English Language   
Index
 
just an empty assembly space
just an arrow Intel Platform
just an arrow Article & Guides
just an arrow Download Software


23/01/2009 Featured Article: How to remove Buzus Virus (permalink)




:::3097517:::
Bottone Scambio Directory Pubblicitaonline.it
Home Page | Articles & Guides | Download | Intel Platform | Contacts

Google
 


Bookmark and Share
Download 
Tell a friend



Writing Self-Modifying Code

Utilizing Advanced Assembly techniques

(by russell sanford)

Creating Alpha-Numeric shellcode

This article is online from 2949 days and has been seen 4755 times


(*** download for full text ***)

Writing Self-Modifying Code and
Utilizing Advanced Assembly techniques
Article 2: Advanced Filters, Creating
Alpha-Numeric shellcode
By: XORt aka Russell Sanford
(Russell@Dallas_2600)

- --INTRO-- -
Here we are again. I could not end this "project" having just said what I had covered in the first article. I felt it necessary to move onto this next and more advanced topic. In this article I'm going to show you how to conquer a rather tedious - and ALMOST impossible task: creating shellcode completely comprised of alphanumeric characters. "Why on earth would we want to do this?" you may be asking yourself right about now. The answer is simple.
There are several filtering schemes out there being employed by programs that ONLY allow alphanumeric characters to be passed into their buffers. Many programmers/hackers will tell you these are impossible to exploit. In a great deal of ways they are right, but for the most part they are wrong. Creating alphanumeric shellcode is time-consuming, annoying, and tiring. Most people simply give up due to the complexity of its creation and just assume it to be an impossible task. This is why there is little other documentation like this available to you out there on the net.
But, we will go onto cover this topic in thorough detail. By the end of this article you will not only be able to create your own code with little effort. But you will know exactly what obstacles your code will be facing and how to overcome them when possible. There is one last note I should add before beginning this article. Due to the complexity of this type of attack and the ratio of shellcode/original-shellcode, this type of attack will almost never work against a Windows host. The code covered in this article is intended only for a Linux box running under an IA32 Intel processor.
Ok, so lets get started.

[1] What Information We Need To Know Before beginning
[2] The Plan
[3] The Blueprint
[4] Code #1: Alpha-Numeric Shellcode with XOR
[5] Code #2: Alpha-Numeric Shellcode with IMUL
[6] The Code

(*** download for full text ***)


Top
Download 
Tell a friend
Bookmark and Share



Similar Articles

Anti Debugging Tricks Analysis
Notes by M.Forrest on 'Anti Debugging Tricks'
(by Michael Forrest)

Anti Debugging Tricks Rel.2
Tecniche di Antidebug in assembler
(by Inbar Raz)

Anti Debugging Tricks Rel.5
Antidebugging techniques
(by Inbar Raz)

Anti-Debugger Techniques
Assembler techniques for protecting code
(by Anonymous)

Applied Binary Code Obfuscation
Obfuscation in assembler
(by N.George, G.Charalambous)

Binary Protection Schemes
Code Protection under Linux
(by Andrew Griffiths)

Code Concealment
Come sigillare il proprio codice
(by Demogorgon)

Keep Your Code Hidden From Prying Eyes
Tecniche di back-jump nel codice
(by Demogorgon)

Reverse engineering: Anti-cracking Techniques
How to protect your code in 24 pages
(by N.George, G.Charalambous)

Windows Anti-Debug Reference
Several anti-debugging techniques used on Windows
(by Nicolas Falliere)

 Tags: antidebug


webmaster jes
writers rguru, tech-g, aiguru, drAx

site optimized for IE/Firefox/Chrome with 1024x768 resolution

Valid HTML 4.01 Transitional


ALL TRADEMARKS ® ARE PROPERTY OF LEGITTIMATE OWNERS.
© ALL RIGHTS RESERVED.

hosting&web - www.accademia3.it

grossocactus
find rguru on
http://www.twitter.com/sicurezza3/
... send an email ...
Your name

Destination email

Message

captcha! Code