Before placing shellcode into a buffer, we must ensure that none of the bytes of
the shellcode violate any input-formatting restrictions. Unfortunately, this will not always
be the case. Fixing the problem may require access to the assembly language source for our
desired shellcode, along with sufficient knowledge of assembly language to modify the
shellcode to avoid any values that might lead to trouble when processed by the vulnerable
application. Even armed with such knowledge and skill, it may be impossible to rewrite
our shellcode, using alternative instructions, so that it avoids the use of any bad characters.
This is where the concept of shellcode encoding comes into play.
Gray Hat Hacking: The Ethical Hacker's Handbook
The purpose of a shellcode encoder is to transform the bytes of a shellcode payload
into a new set of bytes that adhere to any restrictions imposed by our target application.
Unfortunately, the encoded set of bytes is generally not a valid set of machine language
instructions, in much the same way that encrypted text is no longer recognizable as
English. As a consequence, our encoded payload must, somehow, get decoded
on the target computer before it is allowed to run.
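
What the paragraph above means for detection, as an added example that is not from the book: a byte signature that matches the plain payload stops matching once the bytes are encoded, so a scanner has to account for the encoding. Single-byte XOR is an assumed scheme chosen for illustration (the text names none), and the buffer and marker are constructed sample data.

```python
from typing import Optional, Tuple

# Constructed sample data: a marker string standing in for a byte signature,
# wrapped in filler text. None of this is real payload code.
SIGNATURE = b"/bin/sh\x00"
PLAIN = b"constructed-filler:" + SIGNATURE + b":end"


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a one-byte key; applying it twice restores the input."""
    return bytes(b ^ key for b in data)


# Assumed encoding: single-byte XOR with key 0x5A (illustrative choice).
ENCODED = xor_bytes(PLAIN, 0x5A)


def naive_scan(buf: bytes, signature: bytes = SIGNATURE) -> bool:
    """Plain substring match, which only sees unencoded bytes."""
    return signature in buf


def xray_scan(buf: bytes, signature: bytes = SIGNATURE) -> Optional[Tuple[int, int]]:
    """Look for the signature under every one-byte XOR key.

    Encoding the short signature 256 times is cheaper than decoding the whole
    buffer 256 times. Returns (key, offset) of the first hit, or None.
    Key 0 means the signature was present unencoded.
    """
    for key in range(256):
        offset = buf.find(xor_bytes(signature, key))
        if offset != -1:
            return key, offset
    return None


if __name__ == "__main__":
    print("naive scan, plain buffer:  ", naive_scan(PLAIN))
    print("naive scan, encoded buffer:", naive_scan(ENCODED))
    hit = xray_scan(ENCODED)
    if hit is not None:
        key, offset = hit
        print(f"signature found under XOR key 0x{key:02x} at offset {offset}")
        print("decoded region:", xor_bytes(ENCODED, key)[offset:offset + len(SIGNATURE)])
```

The same key search does not carry over to multi-byte or rolling keys, where the decoder stub that must run on the target becomes the more stable thing to match.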