A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Binary defense without privilege - Steve Vittitoe (Circle City Con 2016 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Binary defense without privilege
Steve Vittitoe

Circle City Con 2016

What would you do if you were given a binary service that contained multiple vulnerabilities and were told you must run and defend that binary for the next 3 days? And oh, by the way, you don,t get root, virtual machines, docker containers, firewall configs, or any other form of privileged access. This is exactly the challenge faced in elite attack/defense capture the flag competitions. Many of the lessons learned from these war-games can reveal new defensive opportunities in real world scenarios. This talk will discuss realistic strategies and techniques available in such a precarious defensive position. We will go far beyond simply finding bugs and patching them in the binary. For example, how might we analyze and filter network traffic without network, firewall, or root access? Could stack frame and heap allocation sizes be patched and why would that matter? How can we limit disk access as a regular user? What can we do to determine if we were exploited? All of these questions will be answered during the talk.