Jump to content

Alphanumeric shellcode: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
No edit summary
No edit summary
Line 1: Line 1:
In [[computer security]] '''alphanumeric shellcode''' is a [[shellcode]] that consists of or assembles itself on execution into entirely alphanumeric [[ASCII]] or [[Unicode]] characters such as 0-9, A-Z and a-z.<ref>{{cite web |last=SkyLined |url=http://www.phrack.org/issues.html?issue=57&id=15#article | title=Writing ia32 alphanumeric shellcodes |publisher=rix }}</ref><ref>{{cite web |last=SkyLined |url=http://www.phrack.org/issues.html?issue=61&id=11#article |title=Building IA32 'Unicode-Proof' shellcodes |publisher=obscou}}</ref> This type of encoding was created by [[Hacker (computer security)|hackers]] to hide working machine code inside what appears to be text. This can be useful to avoid detection of the code and to allow the code to pass through filters that scrub non-alphanumeric characters from strings (in part, such filters were a response to non-alphanumeric [[shellcode]] exploits). A similar type of encoding is called printable code and uses all [[Control character|printable]] characters (0-9, A-Z, a-z, !@#%^&*() etc...) It has been shown that it is possible to create shellcode that looks like normal text in English.<ref>{{cite web|url=http://www.cs.jhu.edu/~sam/ccs243-mason.pdf |last=J. Mason, S. Small, F. Monrose and G. MacManus |title=English shellcode |date=November 2009 |accessdate=2010-01-10}}</ref>
In general, in [[computing]], an '''alphanumeric code''' is a series of letters and numbers (hence the name) which are written in a form that can be processed by a computer.

Specifically, in computer [[Hacker (computer security)|hacker]] terminology, alphanumeric [[code]] is [[machine code]] that is written so that it assembles into entirely alphanumeric [[ASCII]] or [[Unicode]] characters such as 0-9, A-Z and a-z.<ref>{{cite web |last=SkyLined |url=http://www.phrack.org/issues.html?issue=57&id=15#article | title=Writing ia32 alphanumeric shellcodes |publisher=rix }}</ref><ref>{{cite web |last=SkyLined |url=http://www.phrack.org/issues.html?issue=61&id=11#article |title=Building IA32 'Unicode-Proof' shellcodes |publisher=obscou}}</ref> This type of encoding was created by [[Hacker (computer security)|hackers]] to hide working machine code inside what appears to be text. This can be useful to avoid detection of the code and to allow the code to pass through filters that modify or remove non-alphanumeric characters unchanged. A similar type of encoding is called printable code and uses all [[Control character|printable]] characters (0-9, A-Z, a-z, !@#%^&*() etc...) It has been shown that it is possible to create shellcode that looks like normal text in English.<ref>{{cite web|url=http://www.cs.jhu.edu/~sam/ccs243-mason.pdf |last=J. Mason, S. Small, F. Monrose and G. MacManus |title=English shellcode |date=November 2009 |accessdate=2010-01-10}}</ref>


Writing alphanumeric or printable code requires good understanding of the [[instruction set architecture]] of the machine(s) on which the code is to be executed. It has been demonstrated that it is possible to write alphanumeric code that is executable on more than one machine.<ref>{{cite web |url=http://www.blackhatlibrary.net/Alphanumeric_shellcode | title=Multi-architecture (x86) and 64-bit alphanumeric shellcode explained |publisher=Blackhat Academy }}</ref>
Writing alphanumeric or printable code requires good understanding of the [[instruction set architecture]] of the machine(s) on which the code is to be executed. It has been demonstrated that it is possible to write alphanumeric code that is executable on more than one machine.<ref>{{cite web |url=http://www.blackhatlibrary.net/Alphanumeric_shellcode | title=Multi-architecture (x86) and 64-bit alphanumeric shellcode explained |publisher=Blackhat Academy }}</ref>
Line 21: Line 19:
{{DEFAULTSORT:Alphanumeric Code}}
{{DEFAULTSORT:Alphanumeric Code}}
[[Category:Computer security exploits]]
[[Category:Computer security exploits]]
[[Category:Injection exploits]]
[[Category:Steganography]]
[[Category:Steganography]]


Revision as of 16:54, 29 December 2013

In computer security alphanumeric shellcode is a shellcode that consists of or assembles itself on execution into entirely alphanumeric ASCII or Unicode characters such as 0-9, A-Z and a-z.[1][2] This type of encoding was created by hackers to hide working machine code inside what appears to be text. This can be useful to avoid detection of the code and to allow the code to pass through filters that scrub non-alphanumeric characters from strings (in part, such filters were a response to non-alphanumeric shellcode exploits). A similar type of encoding is called printable code and uses all printable characters (0-9, A-Z, a-z, !@#%^&*() etc...) It has been shown that it is possible to create shellcode that looks like normal text in English.[3]

Writing alphanumeric or printable code requires good understanding of the instruction set architecture of the machine(s) on which the code is to be executed. It has been demonstrated that it is possible to write alphanumeric code that is executable on more than one machine.[4]

See also

  • EICAR test file - a test pattern used to test the installation of the anti virus software, which is written in printable code.

Further reading

References

  1. ^ SkyLined. "Writing ia32 alphanumeric shellcodes". rix.
  2. ^ SkyLined. "Building IA32 'Unicode-Proof' shellcodes". obscou.
  3. ^ J. Mason, S. Small, F. Monrose and G. MacManus (November 2009). "English shellcode" (PDF). Retrieved 2010-01-10.{{cite web}}: CS1 maint: multiple names: authors list (link)
  4. ^ "Multi-architecture (x86) and 64-bit alphanumeric shellcode explained". Blackhat Academy.
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Alphanumeric_shellcode&oldid=588228772"