exploit instruction code construction Jun 10 2004 02:44AM
ari (edelkind-secpapers episec com)
"Exploit Instruction Code Construction: assisting the manipulation of
services on obscure operating systems"

I wrote this informal paper nearly two years ago, but it was never
publicly released for various reasons. It should still be quite
useful today.

The paper discusses the creation of exploit instruction code
("shellcode"), especially useful on operating systems for which there is
none in shrinkwrapped form, or when specialty code is desired. It also
gives examples of how one could create code sized to fit in diminutive
buffers, and offers various code snippets as illustration. This
document does not deal with forms of exploitation, security
vulnerabilities, or the application of exploit instruction code in the
process of service manipulation.

Some knowledge of assembly language and C is assumed, though one may
still be able to gather useful information with little exposure to

If you feel that anything needs clarification or elaboration, send an
e-mail to the address listed in the document, and perhaps it can be
improved upon.

ari (edelkind)

