Full Disclosure: Re: On Polymorphic Evasion

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: On Polymorphic Evasion

From: Ali Campbell <fdisclosure () alicampbell org uk>
Date: Sat, 02 Oct 2004 19:49:19 +0100

Does the fixed-length nature of RISC instructions make detecting ashellcode on a platform such as PPC via IDS easier ? Or does the largeravailability of pseudo-NOP instructions on these platforms (owingchiefly to more combinations of registers being available) in fact makeit harder ?

I wrote some shellcode for OS X once, basically as an exercise, and Icaught myself wondering about this.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

On Polymorphic Evasion Phantasmal Phantasmagoria (Oct 01)
- Re: On Polymorphic Evasion zero (Oct 02)
  - Re: On Polymorphic Evasion Ali Campbell (Oct 02)
    - Re: On Polymorphic Evasion Andrew Farmer (Oct 02)
- Re: On Polymorphic Evasion Vlad902 (Oct 02)
- <Possible follow-ups>
- Re: On Polymorphic Evasion PERFECT. MATERIAL (Oct 01)
  - Re: Re: On Polymorphic Evasion xbud (Oct 01)
    - Re: Re: On Polymorphic Evasion PERFECT.MATERIAL (Oct 01)