Hadrian Barral — The ABC of Next Gen Shellcoding — DEF CON 27 Conference

Дата: 16.11.2019. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

Shellcodes are short executable stubs that are used in various attack scenarios, whenever code execution is possible. After briefly recalling how they work in general and what interesting things they can do, besides obviously running a reverse-shell, we’ll have to deal with the reality that shellcodes are usually not particularly stealthy, due in part to the very suspicious presence of non-printable characters. In a tutorial-like fashion, we’ll address increasingly more complex constraints. As a reward, we reveal new methods for writing in particular alphanumeric shellcodes and attacking platforms for which (to the best of our knowledge) no such shellcode was previously known.

Don’t know anything about constrained shellcodes? Do not worry: we’ll start from the ground up. Black-belt in shellcoding? We have you covered, stay until the end were we’ll get our hands dirty!

Hadrien Barral
Hadrien Barral is an R&D engineer, focusing on Operating Systems, Security and High-Assurance software. In his spare time, he enjoys hacking on various and obscure systems.

Rémi Géraud-Stewart
Rémi Géraud-Stewart is a cryptologist and security expert with Ecole normale superieure in Paris, focusing on intrusion and cyberwarfare.

Georges-Axel Jaloyan
Georges-Axel Jaloyan is a PhD student at Ecole normale supérieure in Paris focusing on formal methods applied to reverse-engineering, in collaboration with the French Alternative Energies and Atomic Energy Commission (CEA).


Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *