From owner-freebsd-hackers Fri Feb 25 8:19:34 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id B70FE37BE61 for ; Fri, 25 Feb 2000 08:19:30 -0800 (PST) (envelope-from wes@softweyr.com) Received: from softweyr.com (200yearstoolate@homer.softweyr.com [204.68.178.39]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id JAA10159; Fri, 25 Feb 2000 09:19:17 -0700 (MST) (envelope-from wes@softweyr.com) Message-ID: <38B6AD40.608D54C9@softweyr.com> Date: Fri, 25 Feb 2000 09:26:40 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.3-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Michael Bacarella Cc: Doug White , Michael Kyle , freebsd-hackers@FreeBSD.ORG Subject: Re: Shell Code... References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Michael Bacarella wrote: > > > > I'll disassemble execve, but I'd rather just pick > > > it up from the group. > > > > Yeah, the shellcode is > > > > 0xb238fb23b238gub2348b223bdfz23a89230934897a324987287bd8970d8997893981deadbeef21398778787aaa9797bb8979878d87f87 > > Hah. Do you use 0xDEADBEEF in practice too, or merely as a novelty? :) In practice. I prefer 0xB00BFACE, however, or the harder-to-decipher 0xB19BOOB5: _ _ _ _ _ _ _ /_/ / /_/ /_/ / / / / /_/ /_ /_/ / _/ /_/ /_/ /_/ /_/ _/ "Treat me like the pig that I am." -- Andrew "Dice" Clay -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message