Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: On Polymorphic Evasion
From: Ali Campbell <fdisclosure () alicampbell org uk>
Date: Sat, 02 Oct 2004 19:49:19 +0100

Does the fixed-length nature of RISC instructions make detecting a shellcode on a platform such as PPC via IDS easier ? Or does the larger availability of pseudo-NOP instructions on these platforms (owing chiefly to more combinations of registers being available) in fact make it harder ?

I wrote some shellcode for OS X once, basically as an exercise, and I caught myself wondering about this.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]