Kostya Kortchinsky: Making Windows Exploits more reliable
Jan 09, 2006•1 hr 18 min
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
"When dealing with Windows exploits, an issue that often emerge is their cross-platform reliability, meaning they often work against either some given service packs of the OS, or some localization of the OS. It is quite rare tfind exploits that will work on a very wide range of Windows installs.
While multiplying the number of targets in an exploit is often the solution found in the wild, it seems that nobody has yet disclosed a solution tfingerprint a Windows language, or discuss about cross languages and service packs return addresses (though cross SP only is now fairly well mastered).
Immunity, Inc. had twork on this issue for CANVAS, in order tbuild more reliable exploits, and this paper intend texplain some of the solutions that were found tthese issues.
" Kostya is well known in the security industry for various vulnerability research projects. He is the discoverer of many software vulnerabilities which have resulted in several Microsoft patches, latest one being MS06-074, the SNMP service remote code execution. His most recent conference presentations were at Microsoft's BlueHat Fall 2006 Sessions, speaking on Skype security and at RECON'06. Kostya has joined Immunity, Inc. from the European Aeronautic Defence and Space Company (EADS), where he was a research engineer. He manages Immunity, Inc. Partners Program and does exploit development for CANVAS. Prior tthat, Kostya was manager of the French Academic CERT.
While multiplying the number of targets in an exploit is often the solution found in the wild, it seems that nobody has yet disclosed a solution tfingerprint a Windows language, or discuss about cross languages and service packs return addresses (though cross SP only is now fairly well mastered).
Immunity, Inc. had twork on this issue for CANVAS, in order tbuild more reliable exploits, and this paper intend texplain some of the solutions that were found tthese issues.
" Kostya is well known in the security industry for various vulnerability research projects. He is the discoverer of many software vulnerabilities which have resulted in several Microsoft patches, latest one being MS06-074, the SNMP service remote code execution. His most recent conference presentations were at Microsoft's BlueHat Fall 2006 Sessions, speaking on Skype security and at RECON'06. Kostya has joined Immunity, Inc. from the European Aeronautic Defence and Space Company (EADS), where he was a research engineer. He manages Immunity, Inc. Partners Program and does exploit development for CANVAS. Prior tthat, Kostya was manager of the French Academic CERT.
For the best experience, listen in Metacast app for iOS or Android