Polymorphic shellcode: advances in recent years

Aleksander Czarnowski AVET

Polymorphic shellcode is no longer just a research topic - we see it on a daily basis in IDS alerts. Recent developments by the black hat and white hat communities have resulted in great advances in penetration techniques, but this is still probably the least covered area. In this paper I will examine some aids in creating exploits and polymorphic shellcode, as well as detection techniques. I will also try to examine the impact of polymorphic shellcode used in penetration testing and real-life attacks.

It is important to understand the role and risk associated with polymorphic shellcode, as malware and intrusion detection are in a phase of close integration. We've seen worms using exploits to infect vulnerable hosts. It's only a matter of time before polymorphic shellcode is used by worm authors. The presentation covers mostly Unix/Linux systems and exploits.
