Teaching Old Shellcode New Tricks

Presented at REcon Brussels 2017, Jan. 28, 2017, 5 p.m. (Unknown duration)

Metasploit x86 shellcode has been defeated by EMET and other techniques not only in exploit payloads but through using those payloads in non-exploit situations (e.g. binary payload generation, PowerShell deployment, etc.). This talk describes taking Metasploit payloads (minus Stephen Fewer’s hash API call), incorporating techniques to bypass Caller/EAF[+] checks (post ASLR/DEP bypass) and merging those techniques together with automation to make something better. There will be lots of fail and some win.


