Hervé Schauer Consultants
Skyrack, rop for masses
> Access to the content HTML: beginning of the presentation; PDF version [355 KB]; Adobe Flash version
> Description The ROP exploitation technique makes it possible to bypass DEP in a more flexible way than return-into-libc exploits. In some cases, systems with ASLR can also be exploited when they use non-ASLR libraries. This presentation will introduce the ROP exploitation technique by showing practical exploitation examples. Today, only a few tools help with ROP-oriented exploitation. ROPEme does it on Linux, and Immunity Debugger may help to generate gadgets, but none of these tools can easily be used to build advanced ROP shellcodes. Throughout, this presentation will introduce a tool that helps reduce the human effort needed to generate such payloads.
> Context & Dates Talk presented during the Hack In Paris conference, on 17 June 2011.
 
> Author Jean-Baptiste Aviat (Jean-Baptiste.Aviat@hsc.fr) 
> Type [ English - HTML ]  
> Copyright © 2011, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 29 June 2011 at 17:46:57 CET - webmaster@hsc.fr