#1
lifewire: search for shellcode encoders
iirc one was named dissembler. it's a long known technique to bypass input restrictions & IDS
#2
Interesting stuff
It ran happily on WinXP but crashed on my W2K SP4.
#3
Nice crackme
I just have the time to have a very short look at it. What the hell is the crackme doing at the entry point? I just get out of the crackme after tracing 6 instructions.

Shellcode? Hmm... never heard of that one. Just found a bit of information and now I know a bit more about it. So, how does Windows start executing that crackme? Anyone familiar with shellcode is welcome.

Regards.

Last edited by peleon; 11-02-2004 at 21:45.
#4
Quote:
#5
lifewire, thanks for info.
But how is the shell created? I have debugged the first instructions and it's not related to creating a "cmd.exe" or similar, I'm just debugging ASCII code! And the program cannot be run if I just stop on the EntryPoint with SICE and leave the program running after that.
#6
Program has anti-debugging tricks. Simply use SoftIce with IceExt and '!protect on' to avoid problem ;)
#7
|
||||
|
||||
|
hehe, sorry for making it even more confusing.
I was just saying that the technique to encode arbitrary code into code represented only with the ascii charset (with some restrictions, like < 0x80) is used to encode 'shellcode'. Shellcode is the payload that is executed by an exploit that attacks a bug. When the bug is in a text-based protocol service, like httpd or smtpd, the protocol has restrictions on the data it accepts, that's why an encoder is used to turn the 'shellcode' into ascii text. The same kind of technique is used here, to encode a part of the 'crackme' binary into ascii text.
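An added example, not part of the thread or any poster's code: a heuristic an analyst can use to recognise the situation described above, where the bytes at the point execution begins are all ASCII text. The byte range, the 32-byte threshold, the function names and the sample buffers are assumptions made for illustration.

```python
# Added example: flag an entry point that sits inside a long run of text bytes.
LOW, HIGH = 0x20, 0x7E  # assumed "text-safe" range; the thread only says < 0x80


def is_text_byte(b: int) -> bool:
    return LOW <= b <= HIGH


def text_runs(buf: bytes, min_len: int = 32):
    """Return (offset, length) for every run of text-safe bytes >= min_len."""
    runs, start = [], None
    for i, b in enumerate(buf + b"\x00"):  # sentinel closes a run at end of buffer
        if is_text_byte(b):
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_len:
                runs.append((start, i - start))
            start = None
    return runs


def entry_looks_encoded(buf: bytes, entry_off: int, min_len: int = 32) -> bool:
    """True if execution would begin inside a long run of text-safe bytes.

    Only meaningful for an offset where code is expected: string tables in
    data sections are text too, so scanning a whole file will over-report.
    """
    for start, length in text_runs(buf, min_len):
        if start <= entry_off < start + length:
            # require min_len text bytes from the entry offset onward
            return start + length - entry_off >= min_len
    return False


# Constructed sample data (not taken from the crackme in this thread).
# A typical compiler-generated prologue: non-text bytes appear within a few bytes.
NATIVE = bytes.fromhex("558bec83ec105356578b7d0833c0c9c3")
# 40 arbitrary text-safe bytes standing in for an ASCII-encoded stub.
TEXT_STUB = b"PQRSTUVWXYZ0123456789ABCDEFGHIJKLMNOPQRS"
SAMPLE = b"\x00" * 16 + TEXT_STUB + b"\xc3"

if __name__ == "__main__":
    print(text_runs(SAMPLE))                # run covering the stub
    print(entry_looks_encoded(SAMPLE, 16))  # entry at the stub
    print(entry_looks_encoded(NATIVE, 0))   # ordinary prologue
```

A hit is a reason to look closer, not a verdict: it says the first instructions are drawn only from the text-safe byte range, which ordinary compiler output rarely sustains for more than a few bytes.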