[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] PPC OSX Shellcode ASM

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] PPC OSX Shellcode ASM
From: KF <dotslash@xxxxxxxxxxx>
Date: Tue, 02 Sep 2003 10:51:31 -0400

Nice paper... even though you reference Ghandi at the bottom you may wanna give specific credit to him for your null free technique...

        ;; Use the magic offset constant 268 because it makes the
       ;; instruction encodings null-byte free.
        addi    r31, r31, 268+36
        addi    r3, r31, -268   ; r3 = path

http://www.dopesquad.net/security/shellcode/ppc/execve_binsh.s

And If I remember correctly that army.mil webserver is a m68k not ppc...
-KF

llo there,
                Please find attached my paper
on designing shellcodes on the PowerPc architecture.

The paper outlines PowerPC architecture fundementals,
and methods of deriving working shellcodes for the
exploitation of vulnerabilities discovered on the OSX
and Darwin Operating Systems.

Very sorry if this considered OFF TOPIC please excuse.

Kind Regards

B-r00t.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] PPC OSX Shellcode ASM
  - From: B-r00t

Prev by Date: Re: [Full-Disclosure] Virus, whether the scanners say so or not?
Next by Date: [Full-Disclosure] GLSA: horde (200309-02)
Previous by thread: [Full-Disclosure] PPC OSX Shellcode ASM
Next by thread: Re: [Full-Disclosure] PPC OSX Shellcode ASM
Index(es):
- Date
- Thread