Offensive Guides & Information This is where you can post your guides.

InterN0T Affiliates:
EvilZonepy1337

SirCapsAlot.NET

Reply
 
LinkBack Thread Tools Display Modes
  #1  
Old 25th November 2009, 15:06
MaXe's Avatar
The BOFH
  
Join Date: Jun 2008
Location: Sweden - Ljusdal
Posts: 2,718
Blog Entries: 31
Rep Power: 10
Reputation: 146
MaXe will become a Token soonMaXe will become a Token soon
English Shellcode - Whitepaper
[In this paper, they challenge the assumption that shellcode must conform
to superficial and discernible representations. Specifically, they demonstrate
a technique for automatically producing English Shellcode, transforming
arbitrary shell-code into a representation that is superficially similar to
English prose. This was published on packetstormsecurity.org ]



This surely is a completely new topic to me.. Shellcode that consists of
english phrases as in you send a payload in f.ex. an english e-mail where One
of course has included a decoder and then it turns into a reverse tcp shell?



It totally blew my mind when I read about this, sounds like something from The Matrix doesn't it?

But it's not, it is very real and I believe that we in the future might see this
in massive use since it's harder to detect. The problem nowadays is that it
is not that easy to implement yet and there's buffer limits which is still why
shellcode has to be small and efficient.

The decoding part looks rather cool which you can see below:



It still blows my mind but at least I believe that it is possible to do.

Direct Link: http://packetstormsecurity.org/paper...s243-mason.pdf

References:
http://packetstormsecurity.org/filed...mason.pdf.html


All of the best,
MaXe
__________________
Code:
                                ____/____\_________________
                      \|/      | OMG IT'S TEH LEET STORY!! |
    /*\         /\    -*-      |______  ________/\_________|
   // \\       /  \   /|\        /    \/    \  /  \
  /// \\\     /    \            /            \/    \
   // \\     /      \          /      \o/     \     \
    | |     /        \        /        |       \     \
 ___| |____/          \______/________/ \_______\_____\_________
          /     o      \
               #"=-
               /\
 __________________________________________________________
    On a mission, to find the lost member of Teh Unkwon..
Reply With Quote
  #2  
Old 25th November 2009, 21:09
Norph's Avatar
 
Join Date: Oct 2009
Location: Denmark
Posts: 235
Blog Entries: 1
Rep Power: 2
Reputation: 34
Norph is on the way to become something
Re: English Shellcode - Whitepaper
Woah :o
This sounds awesome. I must agree - mindblowing xD
__________________
Men have two emotions: Hungry and Horny. If you see him without an erection, make him a sandwich.
Reply With Quote
Reply

Bookmarks

« Writing Windows Exploits | XSS Tutorial - From Bug to Vulnerability »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Shellcode converter Except1onX C# // .NET 10 26th December 2009 16:12
Linux x86 Shellcode Obfuscator MaXe Exploits, Vulnerabilities & PoCs 0 6th January 2009 11:52
Security at the next level Whitepaper Drathnar Security Tutorials and Guides 0 13th August 2008 22:00


All times are GMT +2. The time now is 05:41.
Copyright ©2007 - Forever, InterN0T & Teh Unkwon

Hosted by 1and1


Contact Us - InterN0T - Archive - Top
Powered by vBulletin® Version 1.3.37
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.