Hijacking Arbitrary .NET Application Control Flow

Presented at DEF CON 23 (2015), Aug. 9, 2015, noon (60 minutes).

This speech will demonstrate attacking .NET applications at runtime. I will show how to modify running applications with advanced .NET and assembly level attacks that alter the control flow of any .NET application. New attack techniques and tools will be released to allow penetration testers and attackers to carry out advanced post exploitation attacks. This presentation gives an overview of how to use these tools in a real attack sequence and gives a view into the .NET hacker space.


Presenters:

  • Topher Timzen - Security Researcher - Intel
    Topher Timzen has had a research emphasis on reverse engineering malware, incident response and exploit development. He has instructed college courses in malware analysis and memory forensics while managing a cybersecurity research lab. Focusing on .NET memory hijacking, he has produced tools that allow for new post exploitation attack sequences. Topher is currently a Security Researcher at Intel. Twitter: @TTimzen
  • Ryan Allen

Links:

Similar Presentations: