
Back when all you had was minicom dialing a BBS, there was a chicken-and-egg problem where you needed uudecode to decode any executable you downloaded. If you did not have uudecode you were stuck. If you are unfamiliar, uuencoding a file allows you to send binary data through text transmission.

Then a clever version of a DOS .COM file was posted which implemented uudecode, but it only used x86 instructions that were also ASCII characters. You could copy/paste between the --cut here-- lines into a file, save it as uudecode.com, and then get your other binaries like pkzip.




> but it only used x86 instructions that were also ASCII characters

That was a somewhat common approach back then. It's hard to find references to that technique now, but here's something I did find: https://news.ycombinator.com/item?id=16312562


There's also this compiler (with accompanying paper/video), that compiles C89 to x86 with the output executable restricted even further, to only printable ASCII bytes: http://tom7.org/abc/


Another common one is the EICAR anti-virus test file.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

It is a COM executable that prints EICAR-STANDARD-ANTIVIRUS-TEST-FILE! It is recognized by most virus scanners.


Oh, cool! I thought this file was just prefixed with some random garbage.

Unrelated: I used this to verify that my daily scheduled full scan of my Linux laptop works. This is required by compliance at $WORK. It reports found viruses via the i3-nagbar.


Linux has antivirus software written for it? TIL.


ClamAV is the best known.

Usually, Linux antivirus software is not designed to protect the machine itself; instead, it is more commonly used by mail and file servers to protect Windows clients.


Cool. How many viruses has it picked up?

(Presumably ClamAV?)


Yes, used ClamAV.

None besides this example file.

I use this laptop for $WORK and web browsing, and my warez times are behind me now that the software I want to run is typically open source, and the content I consume can be bought.
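The scan self-check described in this subthread, as an added example that is not part of the original comments: it validates a candidate file against EICAR's published definition of the test file (the 68-byte string at offset 0, optional whitespace padding, 128 bytes at most) and, if `clamscan` is installed, confirms the scanner flags it. The function names and the temp-file name are assumptions made for the illustration.

```python
import os
import shutil
import subprocess
import tempfile

# The 68-byte test string quoted in the thread (raw literal keeps the backslash).
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
# EICAR's definition allows only these trailing bytes: space, tab, LF, CR, Ctrl-Z.
ALLOWED_PADDING = b" \t\n\r\x1a"
MAX_LEN = 128


def is_printable_ascii(data: bytes) -> bool:
    """True if every byte is a printable ASCII character (0x20..0x7e)."""
    return all(0x20 <= b <= 0x7E for b in data)


def is_eicar_test_file(data: bytes) -> bool:
    """Apply the EICAR definition: the 68-byte string at offset 0, then
    optional whitespace padding, at most 128 bytes in total."""
    if not data.startswith(EICAR) or len(data) > MAX_LEN:
        return False
    return all(b in ALLOWED_PADDING for b in data[len(EICAR):])


def scanner_detects_eicar(scanner: str = "clamscan"):
    """Write the test file to a temp dir and scan it.
    Returns True/False, or None when the scanner is not installed."""
    exe = shutil.which(scanner)
    if exe is None:
        return None
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "eicar.com")  # constructed sample file
        with open(path, "wb") as fh:
            fh.write(EICAR)
        # clamscan exit codes: 0 = clean, 1 = virus found, 2 = error.
        rc = subprocess.run([exe, "--no-summary", path],
                            stdout=subprocess.DEVNULL,
                            stderr=subprocess.DEVNULL).returncode
    if rc not in (0, 1):
        raise RuntimeError(f"{scanner} failed with exit code {rc}")
    return rc == 1


if __name__ == "__main__":
    print("printable ASCII only:", is_printable_ascii(EICAR))
    print("scanner detects test file:", scanner_detects_eicar())
```

A `False` result from `scanner_detects_eicar()` in a scheduled job is the condition worth alerting on: the scanner ran but its signatures or configuration no longer flag the test file.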


This is still quite useful when working on constrained shellcode, specifically the kind of shellcode you'd enter through a text input field.


You can even do one better: you can construct shellcode out of valid English sentences.

http://www.cs.jhu.edu/~sam/ccs243-mason.pdf

Since COM files are basically just raw binary code without headers or metadata, it should be easy to adapt the technique to make valid English-language COM files.


I remember that. Then in the early 90's it was .sit and .hqx on a Mac.


Not forgetting NNTP Usenet binaries and the evolution from UUEncoded files to YEnc-oded files.

Truly magical days.


I ran into that conundrum just recently with emulating old MacOS for gaming purposes. Software on abandonware sites is distributed as images for a proprietary program. :thonk:


Great memories you brought back. Minicom times were so simple, the BBS sysop dialed upr2.clu.net for us so we had a nice UUCP connection and got our mails pushed out.

I had to undergo the same chicken-and-egg situation with uudecode.


Hmm, I might have used that, or at least something very similar. Don't know exactly why, but then, it was a while ago...



