Didier Stevens (Security Consultant, Contraste Europe NV)
HITB LAB TITLE: White Hat Shellcode: Not for Exploits
HITB LAB ABSTRACT:
In this hands on lab session, we will present shellcode designed to protect systems instead of attacking systems. Some examples:
- shellcode to unload a DLL
- shellcode to enable DEP
- shellcode to patch a vulnerability
- shellcode to prevent heap sprays (from my HeapLocker tool)
Participants to this 120 minute lab session are encouraged to come equipped with a virtual Windows XP machine. All other tools will we provided during the session. Curious to know more? Here’s a video of one of the exercises: http://blog.didierstevens.com/2011/11/08/white-hat-shellcode-workshop-enforcing-permanent-dep/ See you in May!
ABOUT DIDIER STEVENS
Didier Stevens (Microsoft MVP Consumer Security, CISSP, GSSP-C, CCNA Security, MCSD .NET, MCSE/Security, RHCT, OSWP) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company (http://www.contraste.com). You can find his open source security tools on his IT security related blog at http://blog.DidierStevens.com