Shellcodes are tiny machine language programs designed to be injected inside a vulnerable process and executed with its privileges. They traditionally perform simple actions, like exec-ing a shell or writing to a file. They can be easily defeated by host intrusion prevention and detection systems like filesystem ACLs, kernel system call ACLs, non-privileged chrooted processes, etc. Is it possible to bypass these security measures, or at least take advantage of what they permit? In this talk FozZy will present how to design small polymorphic shellcodes that download encrypted modules or binaries and execute them directly in memory. (Ever got a shell without running /bin/sh? ;) Through live demos with HIDS and NIDS on, we'll see the limits of current security systems on open-source OSes.