What you see below are a number of ways to do it. 4 of these provide access to 8 and 16-bit words.Ī very common operation is to set a variable (or in this case register) to zero. Of course, we don’t normally use the Stack Pointer (ESP) for anything other than stack management, so we really only have 7 GPR to use. The x86 CPU in legacy mode has 8 General Purpose Registers (GPR) each capable of storing 32-bits or 4-bytes of information. Declaration and initialization of variables / registersĮach CPU register is like a variable itself.I did plan on discussing a little about the x86 architecture, but there’s already a lot of information out there and I assume you’re already familiar with it. The little tricks shown here are derived from various sources and I mention a number of people at the end of post in acknowledgements. Some of the examples illustrated here can also be used for boot loaders, PE protectors/compressors, coding demos or something else that requires compact code. In a follow up post, I’ll discuss a few ways to obfuscate them which might be useful for evading signature detection algorithms. What follows are a number of basic ways to compact shellcodes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |