The wedge end of malware code can be made to resemble plain English text. That’s what Slashdot is reporting as the result of research presented at the ACM Conference on Computer and Communications Security by security researchers Joshua Mason, Sam Small, Fabian Monrose, and Greg MacManus.
What they say in their paper is that normally it’s been assumed that executable code is fundamentally distinguishable from benign files. But given an hour or so on today’s computers, code can be fashioned which, viewed as text, would read as simple English prose.
The reason for this ambiguity is that, underneath it all, the English letters also have binary representations for their ASCII codes. If the right sequence of characters is assembled, the resulting text will be executable 32-bit Intel architecture machine langauge.
Granted getting a system to execute such a file would be another matter. But that could probably be handled by any one of a number of other exploits. After all, if security is thought of as being in layers, then attacks are in layers, too.
By the way, what’s meant by “shellcode” isn’t Bash Shell scripts or MS-DOS Shell batch files. It’s a term used by security researches to refer to the very first part of an exploit.
Read the paper here. The discussion on Slashdot is here. The story is being discussed on Remote Exploit Forums and createbacklinks.info.
If you liked this article
If you liked this article, don’t forget to subscribe for updates!
Get updates by RSS (What’s RSS?)
Follow me on Twitter
![[del.icio.us]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/delicious.png)
![[Digg]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/digg.png)
![[dzone]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/dzone.png)
![[Facebook]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/facebook.png)
![[LinkedIn]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/linkedin.png)
![[Reddit]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/reddit.png)
![[Slashdot]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/slashdot.png)
![[StumbleUpon]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/stumbleupon.png)
![[Technorati]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/technorati.png)
![[Twitter]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/twitter.png)
![[Yahoo!]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/yahoo.png)
![[Email]](http://digitivity.org/blog/wp-content/plugins/bookmarkify/email.png)
Top Incoming Search Terms
bubble shellcode digitivity english shell code english shellcode malware attacks methods malware shellcode methods of malware attacks methos of malware attack msdos shellcode new methods of malware no place to fit shellcode forum shell code attack shellcode attack shellcode english shellcode.aRelated posts:
- Rogue Blogs Using Google to Offer Malware and Bogus Antiviruses The Unmask Parasites blog has uncovered a devious method being...
- Google Chrome Browser Third Place Behind Internet Explorer and Firefox A new survey is showing that Google’s Chrome browser is...
- Google Releases Skipfish Automatic Website Security Scanning Tool Google released a free website scanning tool called Skipfish. Skipfish...
- Showing Excerpts Instead of Full Posts on the Home Page in WordPress Some of my posts have been getting longer and longer,...
- What Is NoFollow? Nofollow is an HTML element attribute promoted by Google that...
Explore related content: English, English shellcode, malware, security, shellcode, virus
Real good visual appeal on this site, I’d rate it 10 10.
this English Shellcode: A New Method for Malware Attacks | Digitivity teach me alot.