[Dailydave] INFILTRATE Video Release! Ben Watson.

David Aitel dave at immunityinc.com
Tue May 29 14:35:42 UTC 2018


Back to the future: Going back in time to abuse Android’s JIT, Benjamin
Watson, INFILTRATE 2018

There's a lot of different uses of "exploit-like" thinking, which is a
kind of rapid-fire scrappy engineering, like building a campsite before
darkness in the zombie-infested wilderness with only the tools you
brought with you, which consist of a pocket knife, some para-cord, and a
pile of soggy architectural diagrams of McMansions

I used to say that the ability to transfer a file from point A to point
B was the mark of an experienced hacker. This is harder than it sounds
<https://twitter.com/tehjh/status/979343415132467200> when doing so in
the wild!

But it is also true that locally upgrading your access from "Can execute
arbitrary Javascript in local-domain", to "can run arbitrary X86
shellcode", to "Can run any ELF binary" is real work, of the same type
of mindset.  Likewise, establishing a useful minimal persistence
mechanism can be real work on a modern platform.

So if for whatever reason you missed out on INFILTRATE itself, or were
doing the CTFs during this talk, clicky clicky! :)


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/dailydave/attachments/20180529/40bb13f1/attachment.html>

More information about the Dailydave mailing list