Dailydave mailing list archives
INFILTRATE Video Release! Ben Watson.
From: David Aitel <dave () immunityinc com>
Date: Tue, 29 May 2018 10:35:42 -0400
https://vimeo.com/269252626 Back to the future: Going back in time to abuse Android’s JIT, Benjamin Watson, INFILTRATE 2018 There's a lot of different uses of "exploit-like" thinking, which is a kind of rapid-fire scrappy engineering, like building a campsite before darkness in the zombie-infested wilderness with only the tools you brought with you, which consist of a pocket knife, some para-cord, and a pile of soggy architectural diagrams of McMansions <http://mcmansionhell.com/>. I used to say that the ability to transfer a file from point A to point B was the mark of an experienced hacker. This is harder than it sounds <https://twitter.com/tehjh/status/979343415132467200> when doing so in the wild! But it is also true that locally upgrading your access from "Can execute arbitrary Javascript in local-domain", to "can run arbitrary X86 shellcode", to "Can run any ELF binary" is real work, of the same type of mindset. Likewise, establishing a useful minimal persistence mechanism can be real work on a modern platform. So if for whatever reason you missed out on INFILTRATE itself, or were doing the CTFs during this talk, clicky clicky! :) -dave
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- INFILTRATE Video Release! Ben Watson. David Aitel (May 29)