ShellForth - Shell-code cross-compiler for Forth

Presented at ToorCon San Diego 16 (2014), Oct. 26, 2014, noon (20 minutes).

Forth. One of the oldest computer languages. Once a stalwart of the embedded software development world. Clearly the obvious choice for shellcode? Ok, probably not, but because a Forth virtual machine is so different from conventional code, compiled Forth code looks very foreign to reverse engineers familiar with conventional compilers or hand-tuned assembly. This talk is a deep dive into what happens when you combine one of the oldest engineering principles (*) with a mis-spent youth as a Forth enthusiast. (**)

(*) “It seemed like a good idea at the time”
(**) Not necessarily the most exciting of mis-spent youth opportunities, admittedly

Presenters:

  • Dave Weinstein
    Dave Weinstein is a Security Researcher for the Zero Day Initiative (ZDI) program at HP Security Research. His primary responsibilities are performing root cause analysis on ZDI Submissions and research into security vulnerabilities. Dave’s current research centers on kernel-level vulnerabilities and exploitation. With over 25 years of professional work as a software developer and security researcher, he has a wide range of experience across hardware and software platforms, and the ability to approach software from the perspective of both the developer and the attacker. Prior to joining HP Security Research, he worked in military research, academic research, library automation, and video games, before joining Microsoft’s Trustworthy Computing team in 2005. He was the author and architect of the original release of the !exploitable Crash Analyzer in 2009, and has been a regular speaker at software conferences since the late 1980s.
