EXPLOIT RESEARCHELIMINATING BAD CHARACTERS

KERALA CYBER FORCE

WWW.KERALACYBERFORCE.IN

AJIN ABRAHAM@ajinabraham

@ajinabraham

ELIMINATING BAD CHARACTERS

• Bad characters are those unwanted characters that can break your shellcode.

• We can use !mona bytearray to generate bytes from 0x00 – 0xFF.

• Insert the pattern into the buffer and find out which one is breaking the shellcode

• Mark it as a bad character and re-insert pattern excluding that bad character till all the bad characters are eliminated.

• Create your shellcode excluding the bad characters.

• That’s It.

@ajinabraham

SOME COMMON BAD CHARACTERS

• 00 – NULL

• 0A – Line feed \n

• 0D –Carriage return \r

• FF – Form Feed \f

Thanks

@ajinabraham