mailing list archives
Re: On Polymorphic Evasion
From: Ali Campbell <fdisclosure () alicampbell org uk>
Date: Sat, 02 Oct 2004 19:49:19 +0100
Does the fixed-length nature of RISC instructions make detecting a
shellcode on a platform such as PPC via IDS easier ? Or does the larger
availability of pseudo-NOP instructions on these platforms (owing
chiefly to more combinations of registers being available) in fact make
it harder ?
I wrote some shellcode for OS X once, basically as an exercise, and I
caught myself wondering about this.
Full-Disclosure - We believe in it.