Explore the evolution of exploit development techniques in response to Microsoft's arbitrary code execution mitigations in this 25-minute conference talk from Ekoparty 2019. Delve into how attackers can construct complex payloads using code reuse techniques, despite restrictions on injected code execution. Learn about the emerging Remote Procedure Call based exploitation model, which enables the creation of modular, maintainable, and target-independent payloads with minimal code reuse. Gain insights from security researcher Adrián Barreal of the Information and Communication Technology Security Program (STIC) at Dr. Manuel Sadosky Foundation, Argentina, as he discusses strategies for keeping exploit development costs low in the face of enhanced security measures.
Arbitrary Code Mitigations and Remote Procedure Code Reuse Attacks
Ekoparty Security Conference via YouTube
Overview
Syllabus
Adrián Barreal - Arbitrary Code Mitigations and Remote Procedure Code Reuse Attacks - Ekoparty 2019
Taught by
Ekoparty Security Conference
Related Courses
-
CIAPO - Code Injection via Arbitrary Pointer Overwrite
-
XOM-Switch - Hiding Your Code from Advanced Code Reuse Attacks in One Shot
-
A Tough Call - Mitigating Advanced Code-Reuse Attacks at the Binary Level
-
Just-In-Time Code Reuse - The More Things Change, the More They Stay the Same
-
COMpromise - Remote Code Execution in Windows Development Environments
