Questions about this topic? Sign up to ask in the talk tab.
Search results
From NetSec
Page title matches
- #REDIRECT [[null-free shellcode#Null-byte removal]]147 B (13 words) - 03:11, 16 June 2012
- {{info|<center>Null-free [[shellcode]] is a beginner-type shellcode used for [[exploitation]] o ...hine code]] into anything desired without having to worry about design and null-bytes at first.22 KB (3,497 words) - 21:18, 15 May 2013
- {{info|<center>Null-free [[shellcode]] is a beginner-type shellcode used for [[exploitation]] o ...supplied as [[shellcode]] for the [[exploitation]] process cannot contain null bytes.27 KB (4,175 words) - 17:40, 16 May 2013
- #REDIRECT [[Shellcode/Null-free]]57 B (5 words) - 03:28, 25 April 2013
- #REDIRECT [[Shellcode/Null-free]]33 B (3 words) - 03:09, 16 May 2013
Page text matches
- ...|Stack overflows]] • [[Shellcode/Loaders|shellcode loaders]] • [[null-free shellcode]] • 32-bit [[ascii shellcode]] • 64-bit [[Shellcod3 KB (385 words) - 04:10, 4 June 2015
- INSERT INTO user VALUES (null, "Selketraz", md5("lolwut"));10 KB (1,569 words) - 05:54, 17 November 2012
- ...01 is followed by \x00\x00\x00. These are three "null bytes". Seeing these null bytes and knowing the way that assembly operates, we can safely say that th39 KB (6,533 words) - 05:37, 28 May 2012
- ...ws can be [[Fuzzing|fuzzed]], simply by throwing more than 16 megabytes of null-free data at the target [[input]].274 B (38 words) - 07:31, 12 March 2012
- ...pts may append '.php' to a user supplied string in an include. Appending a null [[byte|Byte]] (%00) will often short circuit this, allowing an attacker to Or using null-bytes:2 KB (272 words) - 07:50, 19 July 2012
- FILE *textFile = NULL; char *fileBytes = NULL;38 KB (5,893 words) - 01:21, 17 July 2016
- ...'''if (!$scalar)'''" is used to determine if the '''$scalar''' variable is null, zero, or undefined. When used before a '''=''' operator, this becomes "no809 B (141 words) - 02:12, 19 July 2012
- char *dev = NULL; /* capture device name */ if (dev == NULL) {9 KB (1,296 words) - 06:10, 8 July 2012
- xor %rax, %ss:0x30(%rcx); Null that area of stack syscall # execve('/bin/sh', null, null)35 KB (5,252 words) - 18:28, 23 November 2012
- error_log /dev/null crit;12 KB (1,529 words) - 04:56, 22 October 2012
- Typically we will use find with the -print0 option (to have a NULL separator instead of a whitespace or new line) and we'll use xargs with the43 KB (7,262 words) - 05:35, 27 June 2016
- ...Sometimes this test does not require an exit, other times it does (like a null [[Byte|byte]]). These strings are appended to the end of the filename duri8 KB (1,233 words) - 09:27, 21 April 2013
- ...'''returns''' either the '''file contents as a single-cell string''' or '''null''' if the query failed for '''any''' reason.32 KB (4,777 words) - 18:35, 21 November 2012
- execve("/bin/sh", NULL, NULL); ...ip|If the [[IP address]] and port translated to hexadecimal do not contain null bytes, four bytes can be saved by hardcoding them directly (removing the [[10 KB (1,615 words) - 03:28, 25 April 2013
- ...]] can be found on the stack. When calling forwards, [[Null-free_shellcode|null bytes]] are added as operands to the call instruction unless call short is15 KB (2,484 words) - 03:33, 25 April 2013
- ...injection{{code|text=<source lang="php">$query = "insert into table values(null,$input)";</source>}}1 KB (161 words) - 07:11, 19 July 2012
- * <kbd>nil</kbd>: The null object.25 KB (3,534 words) - 22:34, 14 October 2012
- ...s won't work as shellcode due to the fact that it is not null-free. See [[null-free shellcode]] for more information.</center>}} mov %rsp, %rdx # envp is null43 KB (6,561 words) - 23:22, 12 July 2016
- $ insmod module.ko arg1=null [ 3728.160984] Hello null from this example LKM!37 KB (6,139 words) - 15:05, 26 June 2016
- ...e stack using a qword instruction, except that instead of pushing 3 padded null bytes with your data it would push 7. ...g this size. The only instructions that are capable of padding dwords with null bytes are the ones that use qwords as data input. Dwords are also the maxim42 KB (6,644 words) - 22:16, 3 July 2016
- #REDIRECT [[null-free shellcode#Assembly]]113 B (10 words) - 02:36, 16 June 2012
- #REDIRECT [[null-free shellcode#Null-byte removal]]147 B (13 words) - 03:11, 16 June 2012
- #REDIRECT [[null-free shellcode#String argument]]119 B (11 words) - 08:53, 14 June 2012
- #REDIRECT [[null-free shellcode#Successful overflow test]]58 B (6 words) - 06:37, 22 May 2012
- |Null5 KB (688 words) - 04:38, 1 July 2012
- {{info|<center>Null-free [[shellcode]] is a beginner-type shellcode used for [[exploitation]] o ...hine code]] into anything desired without having to worry about design and null-bytes at first.22 KB (3,497 words) - 21:18, 15 May 2013
- * Null pointer dereference attacks4 KB (523 words) - 11:13, 17 July 2016
- * Null pointer dereference attacks2 KB (158 words) - 19:25, 17 September 2012
- 00:59:13 <hatter> in mysql, sleep() always returns null 00:59:34 <hatter> /article.php?id=1 and sleep(30) is null13 KB (1,900 words) - 03:55, 18 September 2012
- ...sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans --scanflags <flags>: Customize TCP scan flags -sI <zom12 KB (1,590 words) - 01:52, 20 September 2012
- ...y=pts1 ses=228 comm="cat" exe="/bin/cat" subj=user_u:user_r:user_t:s0 key=(null)16 KB (2,601 words) - 03:28, 26 September 2012
- <hatter> mysql> insert into category values(null,'Sql Injection'); <hatter> mysql> insert into category values(null,'Web Exploitation');16 KB (2,284 words) - 06:59, 25 September 2012
- <m4> .ascii takes up 1 storage location per character, including newlines and null terminators15 KB (2,829 words) - 01:53, 20 September 2012
- push %ebx #args 5/6 (null) push %ebx #arg1 (null)36 KB (5,340 words) - 20:07, 25 May 2013
- <hatter> [0x4-0x7] section type - 0 is null, 1 is progbits, 2 is symtab, 3 is strtab <hatter> [0x10-0x17] Null barrier7 KB (1,075 words) - 01:53, 20 September 2012
- 04:18 <~hatter> usually cannot have null bytes in it6 KB (813 words) - 21:48, 20 September 2012
- ...read / written from in requests that it's relevant, when it's not, set to NULL ...the same, but it's a void pointer to the data to be used, otherwise set to NULL13 KB (1,669 words) - 21:50, 20 September 2012
- .../Self-modifying|shellcode decoder]], so it is nearly [[Shellcode/Null-free|null-free]]. Full source available in [[Shellcode/Appendix#Loaders|the appendix The first argument (''%rdi'') of ''mmap''() should be null, so using ''[[xor]]'', ''%rdi'' is set to zero.9 KB (1,318 words) - 03:18, 25 April 2013
- ==== Null-free ==== ==== Null-free ====6 KB (947 words) - 03:32, 25 April 2013
- [[Buffer overflow|Stack overflows]] • [[null-free shellcode|Shellcode libre de nulos]] • 32-bit [[ascii shellcode|S4 KB (545 words) - 06:07, 7 November 2012
- [[Buffer overflow|Stack overflows]] • [[null-free shellcode|Shellcode libre de nulos]] • 32-bit [[ascii shellcode|S4 KB (545 words) - 06:12, 7 November 2012
- ...the string (starting with the first letter at 0). Because 0 evaluates to null or false, the conditions will not be met even if the needle exists in the ...re used to ensure that strpos() is returning an integer zero rather than a null value (adding an implicit type-check).3 KB (429 words) - 02:43, 13 November 2012
- ...HIPS]] engines) that can prevent the execution of traditional 'unlinked' [[null-free shellcode]], doing so by, for example, containing no interrupts, sysca ...engineer the payload quickly - another problem presented by traditional [[null-free shellcode]].15 KB (2,316 words) - 03:35, 25 April 2013
- [0x4-0x7] section type - 0 is null, 1 is progbits, 2 is symtab, 3 is strtab [0x10-0x17] Null barrier7 KB (1,026 words) - 03:27, 25 April 2013
- ...eans that if there are even as few as 3 rows in the table, combined with a null identifier row (most likely a blank response; the same response would be ob15 KB (2,076 words) - 20:06, 5 May 2013
- <source lang="sql"> and pg_sleep(15) is null</source> ..."sql"> and (case when 1 between 1 and 1 then pg_sleep(15) else 9 end) is null</source>8 KB (1,245 words) - 18:46, 21 November 2012
- and pg_sleep(ascii(substring(current_database,1,1))) is null -- PostgreSQL3 KB (567 words) - 17:17, 21 November 2012
- ips[n] = "null" ...re.search("[a-zA-Z]",ip) != None and ip != socket.gethostname() and ip != "null"):18 KB (1,097 words) - 04:40, 20 November 2012
- xor %rax, %ss:0x30(%rcx); Null that area of stack syscall # execve('/bin/sh', null, null)24 KB (3,808 words) - 03:31, 25 April 2013
- ...ytes'' ([[Shellcode/Appendix#setuid_binsh.s|setuid_binsh.s]]) ([[Shellcode/Null-free#64-bit|Docs]]) ...es'' ([[Shellcode/Appendix#write-file-32.s|write-file-32.s]]) ([[Shellcode/Null-free#32-bit|Docs]])9 KB (1,291 words) - 00:20, 26 May 2013
- {{info|<center>Null-free [[shellcode]] is a beginner-type shellcode used for [[exploitation]] o ...supplied as [[shellcode]] for the [[exploitation]] process cannot contain null bytes.27 KB (4,175 words) - 17:40, 16 May 2013
- group_id int foreign key not null default 1,2 KB (254 words) - 02:55, 12 May 2013
- ...he string (starting with the first letter at 0). Because 0 evaluates to null or false, the conditions will not be met even if the needle exists in the ...e used to ensure that strpos() is returning an integer zero rather than a null value (adding an implicit type-check).34 KB (4,531 words) - 11:03, 20 April 2013
- #REDIRECT [[Shellcode/Null-free]]57 B (5 words) - 03:28, 25 April 2013
- #REDIRECT [[Shellcode/Null-free]]33 B (3 words) - 03:09, 16 May 2013
- static struct class* myModule_class = NULL; static struct device* myModule_device = NULL;4 KB (554 words) - 23:45, 24 June 2016
