O slideshow foi denunciado.
Seu SlideShare está sendo baixado. ×

Strategic Surprise

Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio
Anúncio

Confira estes a seguir

1 de 50 Anúncio

Mais Conteúdo rRelacionado

Mais de Michael Scovetta (20)

Anúncio

Mais recentes (20)

Strategic Surprise

  1. 1. Strategic Surprise
  2. 2. My name is Nico Waisman and I have an obsession
  3. 3. The Past
  4. 4. Once upon a time in Mexico...
  5. 5. Advance Dougs Lea's malloc exploits Vudo - An object superstitiously believed to embody magical powers Once upon a free()
  6. 6. Wuftpd glob/site exec Gobbles openssh exploit (FUCKYOUTHEO) Pserverd - 4c1db1tch3z Solar Designer Netscape JPEG exploit
  7. 7. Understand your exploitation domain
  8. 8. Reverse, Reverse and Reverse a little bit more
  9. 9. Debug, Debug and Debug a little bit more
  10. 10. Five Ws
  11. 11. The Present
  12. 12. Why is HDMoore Sad? Disclaimer: The imagery used in this Slide may have been altered or modified to some degree from the original image
  13. 13. Exploits are hard...
  14. 14. When was the last time you saw a real public exploit?
  15. 15. Bindiff Exploits
  16. 16. Post Mortem Exploits
  17. 17. Dry Humping Exploits
  18. 18. Excitement Success Deception Faith Depression
  19. 19. Hope is not a Business Plan
  20. 20. Exploits are hard... ...but it was always being
  21. 21. DEP SafeSEH ASLR Code Security Cookies Metadata encryption
  22. 22. The Element of Surprise
  23. 23. Team vs Individuals
  24. 24. Researchers
  25. 25. You don't need a researcher, you need a unicorn
  26. 26. Programmer
  27. 27. LAB
  28. 28. Management
  29. 29. Windows 2000 Windows Vista 1d: Triggering the bug 1 d: Triggering the bug 2-4d: Understanding the heap layout 1-2d: Understanding the heap layout 2-5d: Finding Soft and Hard Memleaks 2-5d: Finding Soft and Hard Memleaks 5-8d : Finding a reliable Write4 10-30d : Overwriting a the correct memory 1-2d: Function Pointers and Shellcode 2-5 days: Function pointer and Shellcode
  30. 30. Windows 2000 Windows Vista 1d: Triggering the bug 1 d: Triggering the bug 2-4d: Understanding the heap layout 1-2d: Understanding the heap layout 2-5d: Finding Soft and Hard Memleaks 2-5d: Finding Soft and Hard Memleaks 5-8d : Finding a reliable Write4 10-30d : Overwriting a the correct memory 1-2d: Function Pointers and Shellcode 2-5 days: Function pointer and Shellcode
  31. 31. Protection never target what we always aim for...
  32. 32. Bug classes die Primitives dont
  33. 33. Nowadays exploitation techniques are crumbs of the '90 great banquet
  34. 34. There are No Surprises
  35. 35. Questions? nico@immunityinc.com @nicowaisman

×