Alphanumeric shellcode

In computer security alphanumeric shellcode is a shellcode that consists of or assembles itself on execution into entirely alphanumeric ASCII or Unicode characters such as 0-9, A-Z and a-z.[1][2] This type of encoding was created by hackers to hide working machine code inside what appears to be text. This can be useful to avoid detection of the code and to allow the code to pass through filters that scrub non-alphanumeric characters from strings (in part, such filters were a response to non-alphanumeric shellcode exploits). A similar type of encoding is called printable code and uses all printable characters (0-9, A-Z, a-z, !@#%^&*() etc...) It has been shown that it is possible to create shellcode that looks like normal text in English.[3]

Writing alphanumeric or printable code requires good understanding of the instruction set architecture of the machine(s) on which the code is to be executed. It has been demonstrated that it is possible to write alphanumeric code that is executable on more than one machine.[4]

See also

Further reading

References

  1. SkyLined. "Writing ia32 alphanumeric shellcodes". rix.
  2. SkyLined. "Building IA32 'Unicode-Proof' shellcodes". obscou.
  3. J. Mason; S. Small; F. Monrose; G. MacManus (November 2009). "English shellcode" (PDF). Retrieved 2010-01-10.
  4. "Multi-architecture (x86) and 64-bit alphanumeric shellcode explained". Blackhat Academy.
This article is issued from Wikipedia - version of the 11/21/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.