Advanced Payload Strategies: What is new, what works and what is hoax?
- Type
- Slides
- Tags
- exploiting
- Authors
- Rodrigo Rubira Branco
- Event
- Troopers 2009
- Indexed on
- Apr 09, 2013
- URL
- https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS09_branco_advanced_payload_strategies.pdf
- File name
- TROOPERS09_branco_advanced_payload_strategies.pdf
- File size
- 3.2 MB
- MD5
- b88b5e4ccf1e3350af95758a40d01940
- SHA1
- f9169fef6554bf59c63f8560f1378f87e07383d9
This talk focuses on the shellcode perspective and it’s evolution. From the simplest {shell}code to the polymorphism to bypass filters and I{D|P}S (which has lots of new ideas, like application-specific decoders, decoders based on architecture-instructions, and many others), passing through syscall proxying and injection, this talk will explain how it works and how effective they are against the new evolving technologies like network code emulation, with live demonstrations. There is long time since the first paper was released about shellcoding. Most of modern text just tries to explain the assembly structure and many new ideas have just been released as code, never been detailed or explained. The talk will try to fix this gap, also showing some new ideas and considering different architectures.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
