Didier Stevens

Monday 22 February 2010

Ping Shellcode

Filed under: My Software,Shellcode — Didier Stevens @ 10:26

I’ve added 2 new assembly source files for shellcode to execute a ping.

First one does a simple ping, second one does a ping with the computername and username in the ICMP packet data.

6 Comments »

  1. Have you looked into Immunity’s MOSDEF? It takes a little time to get use to, but I’m a C programmer at heart so it’s quicker for me than always writing assembly. Usually when I want custom shellcode I write a little (special) C and use MOSDEF.

    Comment by Matthew Wollenweber — Monday 22 February 2010 @ 16:04

  2. @Matthew No, haven’t looked at MOSDEF, but thanks for the reference. I too have a method to write shellcode in C with some special constructs, I used it for my MemoryLoadr shellcode.

    Comment by Didier Stevens — Saturday 27 February 2010 @ 10:53

  3. […] Ping Shellcode – didierstevens.com I’ve added 2 new assembly source files for shellcode to execute a ping. […]

    Pingback by Week 8 in Review – 2010 | Infosec Events — Monday 1 March 2010 @ 12:17

  4. […] Neither is preventing data egress easy. OK, you can decide to block Pastebin.com. But can you block all sites that can be posted to? Like Wikipedia? And if you can, do you block ICMP packets? […]

    Pingback by PDF Info Stealer PoC « Didier Stevens — Monday 8 March 2010 @ 0:01


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.