When developing exploits for Windows (in my case Windows XP SP3), why do we need to avoid certain bytes in the shellcode?
I know of four bytes we need to avoid: 0a, 0d, 20 and 00.
I know 00 marks the end of a string, so if we're passing our exploit in as a string input, a 00 would signal the end of the input and anything after that would get dropped.
What about the other three?