ret2jazzy / disasm.pro

A realtime assembler/disassembler (formerly known as disasm.ninja)
https://disasm.pro/

Missing a few common CTF hurdles #1

Open Pourliver opened 5 years ago

Pourliver commented 5 years ago

First of all, awesome project!

It could be a great addition to add some of the common hurdles seen in CTFs. For example, the ability to blacklist bytes (e.g. null bytes), and have a maximum shellcode length.

EDIT: We should be able to see the current shellcode length too.

ret2jazzy commented 5 years ago

How do you propose we blacklist bytes? Since the backend is just a normal assembler, what we can do is to highlight the blacklisted bytes in red.

As for maximum shellcode length, displaying the total shellcode length on the top would be good enough. Truncating or displaying a warning based on shellcode at an arbitrary max length doesn't seem like something a lot of people would use and it would just end up cluttering the UI.

Caesurus commented 5 years ago

Just to expand on this a bit, I like using https://defuse.ca/online-x86-assembler.htm#disassembly. I really like that it outputs the bytes as Raw Hex, String Literal, and Array Literal, so that I can copy and paste into a script without having to mess with reformatting.

Totally agree that just displaying the shellcode length on the top would be enough, and that highlighting blacklisted bytes in red would be a great addition.

Pourliver commented 5 years ago

> How do you propose we blacklist bytes?

Nothing aggressive, just a signal to the user. So the red highlight is perfect. As for the maximum shellcode length, I also meant something passive, just a signal / highlight, no truncating. But I agree that simply displaying the current length would be perfect.

ret2jazzy commented 5 years ago

@Caesurus There is a raw string option in the dropdown on the top right, does that suffice for your needs? As for the blacklisting and displaying shellcode length, I will probably get it done this weekend.

Caesurus commented 5 years ago

> @Caesurus There is a raw string option in the dropdown on the top right, does that suffice for your needs? As for the blacklisting and displaying shellcode length, I will probably get it done this weekend.

Totally missed that, sorry. Yeah, the raw string is exactly what I wanted.
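The passive behaviour the thread settles on (show the total length, mark blacklisted bytes instead of truncating, and offer raw hex, string literal and array literal output) can be sketched as below. This is an added example, not part of the thread and not disasm.pro's code; the function names, the result fields and the `[..]` marker standing in for the red highlight are assumptions, and the sample bytes are constructed.

```javascript
// Added illustration; all names here are hypothetical, not disasm.pro's code.

// Accepts raw hex, "\x41" string literals or "{ 0x41, ... }" array literals.
function parseHex(text) {
  const clean = text.replace(/\\x|0x|["{}\s,]/g, "");
  if (clean.length % 2 !== 0 || /[^0-9a-fA-F]/.test(clean)) {
    throw new Error("input is not a whole number of hex bytes");
  }
  const bytes = [];
  for (let i = 0; i < clean.length; i += 2) {
    bytes.push(parseInt(clean.slice(i, i + 2), 16));
  }
  return bytes;
}

// Reports length and blacklisted offsets; never truncates or rewrites the bytes.
function analyze(text, blacklist = [0x00], maxLength = null) {
  const bytes = parseHex(text);
  const banned = new Set(blacklist);
  const hex = (b) => b.toString(16).padStart(2, "0");
  const flagged = [];
  bytes.forEach((b, i) => {
    if (banned.has(b)) flagged.push(i);
  });
  return {
    length: bytes.length,
    // Passive signal only: the caller decides how to display it.
    overLimit: maxLength !== null && bytes.length > maxLength,
    flagged,
    // "[..]" stands in for the red highlight discussed in the thread.
    marked: bytes.map((b) => (banned.has(b) ? `[${hex(b)}]` : hex(b))).join(" "),
    rawHex: bytes.map(hex).join(""),
    stringLiteral: '"' + bytes.map((b) => "\\x" + hex(b)).join("") + '"',
    arrayLiteral: "{ " + bytes.map((b) => "0x" + hex(b)).join(", ") + " }",
  };
}

// Constructed sample: the x86 encoding of "mov eax, 0; ret".
const report = analyze("b8 00 00 00 00 c3", [0x00], 4);
console.log(`${report.length} bytes, over limit: ${report.overLimit}`);
console.log(report.marked);
console.log(report.stringLiteral);
console.log(report.arrayLiteral);
```
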