Designing small payloads

Presented at DEF CON 9 (2001), July 15, 2001, 10 a.m. (50 minutes)

This talk presents how to use double injection over an existing netwok connection to write small remote buffer overflow exploits. A number of practical tips and code examples will be given. It will also be explained how this design can be used to hide an attack from both network based and host based intrusion detection systems.

Presenters:

• Anders Ingeborn
  Anders Ingeborn works with vulnerability assessment and penetration tests at iXsecurity in Sweden. iXsecurity's clients during the last couple of years include government agencies, banks, nuclear power plants and major corporations throughout Scandinavia. Anders also holds a MS in computer security.

Links:

• https://defcon.org/html/defcon-9/defcon-9-speakers.html#Anders Ingeborn
• https://infocon.org/cons/DEF CON/DEF CON 9/DEF CON 9 video/DEF CON 9 - Anders Ingeborn - Designing Small Payloads.mp4
• https://www.youtube.com/watch?v=Vs3DgRL9qJM

Similar Presentations:

• DEF CON 8 (2000) / Advanced evasion of IDS buffer overflow detection