Dillinja
Aug 12 2003, 03:08 PM
| QUOTE |
This paper is dedicated to win32 assembly components (the asmcodes), the universal assembly code procedures that are to be executed after successful exploitation of a vulnerability in Windows operating systems. Originally, such assembly components have been referred to as shellcodes, however we prefer to call them asmcodes, as their functionality is currently definitely more complex than just spawning a command shell.
The actual type of vulnerability or attack technique is not relevant in this context, as the asmcodes are usually not strongly dependent on such details. They are, however, still the critical parts of most attacks, as their effectiveness and impact significantly rely on quality of assembly components.
In this context we would like to present the advantages of technologies we have been using in commercially conducted penetration tests. The codes that are published along with this paper have been proved to be effective in many complex cases. For the purposes of the paper, we have arranged the codes and provided them with some comments focused on significant technical details.
|
Found this paper to be an excellent read, also recommend reading their paper on assembly components on *NIX.
LSD Homepage
jpater
Sep 2 2003, 12:22 AM
Thanks for the paper.
Tlacaelel
Sep 3 2003, 10:45 PM
Thank you. I have almost forgotten what assembly looked like.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
