Overview
This 41-minute conference talk from Hack.lu 2018 covers ARM shellcode development. It opens with an ARM execve() shellcode as a worked example, then moves to techniques for shellcode that must fit in tight spaces, an mprotect-based egghunter, and the concerns that come up when writing ARM payloads. The second half introduces the "Quantum Leap" shellcode: it explains the switch from ARM to Thumb mode, walks through how ARM and Thumb instructions are decoded and how conditional and unconditional instructions are encoded, and ends with the final "Quantum Leap" code. By the end of the talk, viewers should be able to write, shrink and debug their own ARM shellcode for ARM-based targets.
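The talk's decoding sections (ARM/Thumb decoding, conditional and unconditional instructions, and the ARM-to-Thumb switch) come down to a handful of bit-level rules. The following C program is an added example written for this page; it is not code from the talk or from the speaker. It decodes the A32 condition field, recognises the BX instruction used for interworking, applies the bit-0 rule that selects Thumb state, determines whether a Thumb halfword starts a 16-bit or 32-bit encoding, and counts NUL bytes in a payload. The sample instruction words (the classic `add r3, pc, #1` / `bx r3` switch and a short Thumb stream) are constructed for the example and are not taken from the talk.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Names of the A32 condition field (bits [31:28]). 0b1110 is AL (always);
 * 0b1111 marks the unconditional instruction space (e.g. BLX <label>). */
static const char *const cond_names[16] = {
    "EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
    "HI", "LS", "GE", "LT", "GT", "LE", "AL", "UNCOND"};

unsigned arm_cond(uint32_t insn) { return insn >> 28; }

const char *arm_cond_name(uint32_t insn) { return cond_names[arm_cond(insn)]; }

/* True only when execution really depends on the flags: not AL, and not the
 * 0b1111 unconditional space. */
bool arm_is_conditional(uint32_t insn) {
    unsigned c = arm_cond(insn);
    return c != 0xE && c != 0xF;
}

/* BX Rm: cond 0001 0010 1111 1111 1111 0001 Rm, fixed bits 0x012FFF10. */
bool arm_is_bx(uint32_t insn, unsigned *rm) {
    if ((insn & 0x0FFFFFF0u) != 0x012FFF10u) return false;
    if (rm) *rm = insn & 0xFu;
    return true;
}

/* Interworking rule: BX enters Thumb state when bit 0 of the target is set,
 * which is why an ARM-to-Thumb switch first computes pc+1 into a register. */
bool bx_target_is_thumb(uint32_t target) { return (target & 1u) != 0; }

/* Thumb: a halfword whose top five bits are 11101, 11110 or 11111 is the
 * first half of a 32-bit Thumb-2 encoding; everything else is 16 bits. */
unsigned thumb_insn_size(uint16_t hw) {
    unsigned top5 = hw >> 11;
    return (top5 == 0x1Du || top5 == 0x1Eu || top5 == 0x1Fu) ? 4 : 2;
}

/* Walk a little-endian Thumb byte stream and count whole instructions.
 * Returns 0 if the stream ends in the middle of a 32-bit encoding. */
size_t thumb_count(const uint8_t *buf, size_t len) {
    size_t off = 0, n = 0;
    while (off + 2 <= len) {
        uint16_t hw = (uint16_t)(buf[off] | (buf[off + 1] << 8));
        unsigned sz = thumb_insn_size(hw);
        if (off + sz > len) return 0;
        off += sz;
        n++;
    }
    return (off == len) ? n : 0;
}

/* Shellcode hygiene check: NUL bytes truncate payloads delivered through
 * string-copy primitives, so count them. */
size_t count_nul(const uint8_t *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) if (buf[i] == 0) n++;
    return n;
}

/* Constructed samples (assumed for this example, not from the talk).
 * ARM part: the usual ARM-to-Thumb switch
 *   add r3, pc, #1   ; 0xE28F3001  (pc reads as insn+8, so r3 = next+1)
 *   bx  r3           ; 0xE12FFF13  (bit 0 set -> Thumb state)
 * Thumb part, as little-endian bytes:
 *   mov  r0, #1      ; 0x2001        16-bit
 *   movw r0, #1      ; 0xF240 0x0001 32-bit, carries a NUL byte
 *   bx   lr          ; 0x4770        16-bit */
static const uint32_t arm_part[] = {0xE28F3001u, 0xE12FFF13u};
static const uint8_t thumb_part[] = {0x01, 0x20, 0x40, 0xF2, 0x01, 0x00, 0x70, 0x47};

int main(void) {
    for (size_t i = 0; i < 2; i++) {
        unsigned rm = 0;
        printf("%08X cond=%s conditional=%d bx=%d\n", arm_part[i],
               arm_cond_name(arm_part[i]), arm_is_conditional(arm_part[i]),
               arm_is_bx(arm_part[i], &rm));
    }
    printf("thumb insns=%zu nul bytes=%zu\n",
           thumb_count(thumb_part, sizeof thumb_part),
           count_nul(thumb_part, sizeof thumb_part));
    return 0;
}
```

The two checks a practitioner runs on a payload before worrying about anything else are visible here: the ARM switch sequence contains no NUL bytes, while the Thumb `movw` does, which is the kind of encoding the "tight spaces" and "concerns" parts of the talk steer around.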
Syllabus
Make ARM Shellcode Great Again
Example: ARM execve() Shellcode
Shellcode in tight spaces
mprotect Egghunter
Some Concerns
"Quantum Leap" Shellcode
The ARM to Thumb switch
ARM and THUMB decoding - 1
(Un)conditional Instructions
ARM and THUMB decoding - 2
Final "Quantum Leap" Code
Conclusion
Taught by
Cooper