Waiter, there's a compiler in my shellcode!

Presented at NolaCon 2019, May 18, 2019, 3 p.m. (Unknown duration)

<p>Hacking is dynamic, and it's hard to predict what you need to do in post exploitation to achieve your goals. After using lots of technologies, I realized that no programming environment has ever been built specifically with hacking in mind, so you're always dealing with tradeoffs. </p> <p>Join me in this talk about a programming language and environment built specifically with subversive remote control in mind. It's a native code, optimizing compiler that fits in about 5KB of shellcode, requires no runtime environment, can be deployed any way you like, and yet gives you all the access you need on the target host. And to top it all off, it's built around an interactive coding paradigm that makes dynamic exploratory post-exploitation fun. </p> <p>This talk approaches some complex topics, but is designed to be interesting to anyone, whether you're into compiler theory or not. Even a non-coder should get something out of it, so anyone with an interest in offensive hacking is encouraged to attend.</p>

Presenters:

• Josh Stone
  Josh Stone is a security researcher, working currently in the area of red teaming command and control systems. He's a lifetime coder, and loves programming languages. Professionally, he's worked in infosec in both offensive and defensive roles for almost 20 years, and been around a few blocks.

Links:

• https://nolacon.com/talk/waiter-theres-a-compiler-in-my-shellcode
• https://infocon.org/cons/NolaCon/NolaCon 2019/Waiter theres a compiler in my shellcode Josh Stone.mp4

Similar Presentations:

• DEF CON 20 (2012) / Socialized Data: Using Social Media as a Cyber Mule
• May Contain Hackers (MCH2022) / Collect all the data (more than you ever need)
• DEF CON 15 (2007) / Hacking UFOlogy: Thirty Years in the Wilderness of Mirrors