Pure Python Data Mangling or Encrypting
Ian Kelly
ian.g.kelly at gmail.com
Sat Jun 27 01:59:45 EDT 2015
On Fri, Jun 26, 2015 at 7:21 PM, Chris Angelico <rosuav at gmail.com> wrote:
> On Sat, Jun 27, 2015 at 6:09 AM, Randall Smith <randall at tnr.cc> wrote:
>> Give me one plausible scenario where an attacker can cause malware to hit
>> the disk after bytearray.translate with a 256 byte translation table and
>> I'll be thankful to you.
>
> The entire 256-byte translation table is significant ONLY if you need
> all 256 possible bytes. Suppose I want to generate the following byte
> sequence:
>
> "\xCD\x19"
>
> (Okay, this is a slightly oversimplified example, as this attack
> doesn't work on a modern Windows. But back in the days of DOS, this
> program would reboot your computer.)
Nice! When I suggested the possibility of a two byte value malicious
payload, I thought it an extreme example of the hypothetical attack. I
didn't expect that somebody might actually produce one.
More information about the Python-list
mailing list