Bypassing all of the things

Presented at Summercon 2013, June 7, 2013, 2 p.m. (50 minutes).

In between drinks we'll be walking through the discovery and exploitation of some of these 'vulnerability' things that are all the rage. Reliable exploits for some Adobe bugs I found (stack-based buffer overflow and memory disclosure) will be dropped for Windows XP, 7, and 8. I'll show how to bypass /GS, SafeSEH, full process ASLR (high entropy or whatever), DEP, SEHOP, and the ENHANCED Mitigation Experience Toolkit (EMET) 3.0/3.5/4.0.

Presenters:

• Aaron Portnoy
  Aaron is just your average degenerate infosec poser who still hasn't quite figured out how to read C.

Similar Presentations:

• 31C3 (2014) / EMET 5.1 - Armor or Curtain?
• ToorCon San Diego 16 (2014) / EMET 5.0 - armor or curtain?
• DeepSec 2014 „Do you want to know more?“ / Reliable EMET Exploitation