Università degli Studi di Camerino


Presentation on theme: "Università degli Studi di Camerino"— Presentation transcript:

1 Università degli Studi di Camerino
School of Science and Technology, Bachelor's Degree in Computer Science (Class L-31). MITM ATTACK WITH PATCHING BINARIES ON THE FLY BY ADDING SHELLCODES. Candidate: Gabrielli Gianluca. Supervisor: Prof. Marcantoni Fausto. Academic Year 2013/2014

2 INTERCEPT INJECT INFECT crazybyte.me @CrazyByte

3 Overview LAN INTERNET

4 Shellcode \xeb\x1b\x5b\x31\xc0\x89\x43\x08\x50\x53\x89\xe1\x89\xca\x83\xc2\x04\x83\xc0\x0b\xcd\x80\x83\xe8\x0a\x31\xdb\xcd\x80\xe8\xe0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68

5 Common Attack Victim Cracker

6 Why does it fail? Victim Cracker !?

7 How does AV work? Virus Definitions Signature XYZ

8 Crypter Passw: 'a' ASCII = 01100001 @Gianlucode

9 Crypter STUB Passw: 'a'

10 Operating Systems

11 Operating Systems

12 Operating Systems PE Mach-O ELF

13 Code Caves 01100100 10010010 11101100

14 Code Caves

15 Code Caves

16 Portable Executable

17 Portable Executable

18 Portable Executable

19 Portable Executable

20 Portable Executable 01100100 10010010 11101100 10010010

21 Portable Executable WIKI

22 Portable Executable
Three Ways to Inject: Single Cave, Multiple Caves, Adding a Section

23 Portable Executable

24 Portable Executable Shellcode

25 Portable Executable

26 PE – Multiple Caves

27 PE – Multiple Caves

28 PE – Multiple Caves

29 How does AV work? Virus Definitions Signature XYZ

30 PE – Multiple Caves

31 ELF

32 ELF

33 ELF

34 ELF

35 Mach-O

36 Mach-O

37 Mach-O

38 POC || GTFO IT'S TIME TO PATCH!

39 THANKS FOR THE ATTENTION
Thesis presentation charts were made using only Free Software

