Shellcode Via VBScript/JScript Implications

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 5 p.m. (25 minutes)

"This talk will explore a recent discovery of being able to execute shellcode and make Win32 api calls from the Windows Script Host. This will be a deep dive case study of executing shellcode via an HTA file. We will discuss patterns fro execution and detection. There are many other applications that you can be applied using these techniques. This talk will be of interest for Red Team and Blue Team. " Casey Smith has a passion for understanding and testing defensive systems. @subTee

Presenters:

• Casey Smith

Links:

• https://www.derbycon.com/friday-schedule/#event-67

Similar Presentations:

• DEF CON 31 (2023) / Game-Changing Advances in Windows Shellcode Analysis
• DerbyCon 7.0 Legacy (2017) / POP POP RETN ; An Introduction to Writing Win32 Shellcode
• DEF CON 22 (2014) / Shellcodes for ARM: Your Pills Don't Work on Me, x86