[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] On Polymorphic Evasion

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] On Polymorphic Evasion
From: Ali Campbell <fdisclosure@xxxxxxxxxxxxxxxxxx>
Date: Sat, 02 Oct 2004 19:49:19 +0100

Does the fixed-length nature of RISC instructions make detecting a shellcode on a platform such as PPC via IDS easier ? Or does the larger availability of pseudo-NOP instructions on these platforms (owing chiefly to more combinations of registers being available) in fact make it harder ?

I wrote some shellcode for OS X once, basically as an exercise, and I caught myself wondering about this.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] On Polymorphic Evasion
  - From: Andrew Farmer

References:
- [Full-Disclosure] On Polymorphic Evasion
  - From: Phantasmal Phantasmagoria
- Re: [Full-Disclosure] On Polymorphic Evasion
  - From: zero

Prev by Date: RE:[Full-Disclosure] XP Remote Desktop Remote Activation
Next by Date: [Full-Disclosure] In-game format string in Judge Dredd vs. Death 1.01
Previous by thread: Re: [Full-Disclosure] On Polymorphic Evasion
Next by thread: Re: [Full-Disclosure] On Polymorphic Evasion
Index(es):
- Date
- Thread