|
Writing anti-IDS shellcode
|
|
Hits: 18 |
|
Date added: 01/27/2006 |
|
Author:
In the last few weeks i had made an intensive study of Intrusion -
Detection Systems like snort. I found that several ways of escaping from
being detected while checking for vulnerable CGI's were already made by
RFP (rfp@wiretrip.net). Also many other common intrusion tactics like
port-scanning was also escaped by using stealth-scanners like nmap. But
I noticed that the IDS had also checked for a person trying to remotely
buffer overflow a daemon. When I searched through the net for anti-IDS
tactics for escaping form being tracked, I found none. So i decided to
do a bit of thinking :). |
|
|
|
|
|
Understanding Windows Shellcode
|
|
Hits: 48 |
|
Date added: 01/29/2006 |
|
The topics and assembly in this document have been analyzed in the interest
of spreading knowledge and initiating discussions on the topic of Windows
shellcode. The author is in no way implying that the assembly presented in
this document is the best, nor should one infer that the author speaks from a
pedestal higher than that of the reader. It is the author’s hope that readers will
make suggestions and comments on the subject matter. |
|
|
|
|
|
|
The Art of Writing Shellcode
|
|
Hits: 16 |
|
Date added: 02/03/2006 |
|
|
|
|
|
|
|
|
Writing Small Shellcode
hot!
|
|
Hits: 51 |
|
Date added: 02/04/2006 |
|
|
|
|
|
|
|
|
Local Stack Overflow (Advcanced Module) v2.1
|
|
Hits: 17 |
|
Date added: 02/18/2006 |
|
Execute code when the stack has enable to don't execute code.
Execute code when buffer isn't big enough for the shellcode. |
|
|
|
