Explore the world of shellcode development in this 44-minute conference talk from DerbyCon 4. Dive into the history of shellcode, learn assembly basics, and discover techniques for creating and optimizing shellcode. Examine methods for stealing from VirusTotal, using compilers, and working with strings and imports. Investigate compiler options and the Wartortell tool through live demonstrations. Delve into advanced topics such as modular payloads, library loading, conditionals, jump tables, and offset tables. Explore loops, primes, decoders, and architecture-specific considerations. Gain insights into packers, modules, and JSON objects. Access the GitHub page for further resources and engage with reversed challenges. Conclude with discussions on future improvements and a Q&A session to deepen your understanding of shellcode creation and implementation.
Overview
Syllabus
Intro
Shellcode Time
Doe Eyes
History
Shellcode
Suck at it
Assembly
Taking Shellcode
Stealing from VirusTotal
Using a Compiler
Strings
Imports
Compiler Options
Wartortell
Demo
Modular Payload
Load Library
Conditionals
Paths
Jump Table
Grab
Offset Table
Loops
Primes
Bad Loop
Decoder
Architecture
Packers
Modules
JSON Object
GitHub Page
Feedback
Other Options
Reversed Challenges
Future Improvements
Questions
