CONFERENCE MATERIALS HAVE BEEN UPLOADED
http://conference.hitb.org/hitbsecconf2009dubai/materials/
CONFERENCE PHOTOS HAVE BEEN RELEASED
http://photos.hackinthebox.org

Rodrigo Rubira Branco (Senior Vulnerability Researcher, COSEINC)

Presentation Title: Advanced Payload Strategies: What’s New, What Works and What Doesn’t?
Presentation Abstract:

This talk focuses on the shellcode perspective and it’s evolution. From the simplest {shell}code to the polymorphism to bypass filters and I{D|P}S (which has lots of new ideas, like application-specific decoders, decoders based on architecture-instructions, and many others), passing through syscall proxying and injection, this talk will explain how it works and how effective they are against the new evolving technologies like network code emulation, with live demonstrations.

There is long time since the first paper was released about shellcoding. Most of modern text just tries to explain the assembly structure and many new ideas have just been released as code, never been detailed or explained. The talk will try to fix this gap, also showing some new ideas and considering different architectures.

About Rodrigo

Rodrigo Rubira Branco (BSDaemon) is a Security Expert at Check Point Software Technologies and a Vulnerability Research Senior Consultant at the Vulnerability Research Lab (VRL) of COSEINC. He worked as a software Engineer at IBM, member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC). He is the maintainer of many open-source projects and has talks at the most important security-related conferences in the world. Rodrigo is also a member of the RISE Security (www.risesecurity.org).