Teaching An Old Shellcode New Tricks
Category: Mitigation Bypass, Payload Development
Summary: Metasploit's Windows x86/x86_64 shellcodes are routinely defeated by EMET and similar bolt-on mitigations, not only when delivered by an exploit but also when the same shellcode is used outside an exploit (binary executable shellcode wrappers, PowerShell deployment, MS Office macros). This talk describes taking Metasploit payloads, removing Stephen Fewer's hash API stub (the resolver that walks the PEB module list and reads export tables to find APIs by hash, which is exactly the access EMET's EAF/EAF+ checks trap), adding techniques to bypass the Caller and EAF/EAF+ checks once ASLR and DEP have already been bypassed, and automating the combination so that the result is harder to stop with bolt-on mitigations.
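The hash API stub the abstract refers to is driven by 32-bit constants (for example, `push 0x0726774C` before `call ebp` in an x86 payload) that encode a module and export name. The following is an added example, not code from the talk or from Metasploit itself: a C reimplementation of the ROR13 hash that Metasploit's block_api uses (the module name is hashed as uppercased UTF-16 including its terminator, the function name as ASCII including its terminator, and the two hashes are summed), plus a reverse lookup over a constructed candidate list so an analyst can name the APIs a captured payload resolves. The candidate list and the `seen[]` values in `main` are constructed inputs for this example; the function names `msf_api_hash` and `lookup_api_hash` are this example's own.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 32-bit rotate right, matching the x86 ROR instruction used by the stub. */
static uint32_t ror32(uint32_t v, unsigned bits) {
    return (v >> bits) | (v << (32 - bits));
}

/* Module hash. The loader's BaseDllName is UTF-16 and the stub uppercases
   each byte before folding it in, so each character is hashed as its
   uppercase ASCII value followed by a 0x00 byte. The terminating NUL is
   hashed the same way, i.e. as two zero bytes. */
static uint32_t module_hash(const char *name) {
    uint32_t h = 0;
    for (const char *p = name; ; p++) {
        unsigned char c = (unsigned char)toupper((unsigned char)*p);
        h = ror32(h, 13) + c;   /* low byte of the UTF-16 code unit */
        h = ror32(h, 13) + 0;   /* high byte, always 0 for ASCII names */
        if (*p == '\0')
            break;
    }
    return h;
}

/* Export-name hash: plain ASCII, case preserved, terminating NUL included. */
static uint32_t function_hash(const char *name) {
    uint32_t h = 0;
    for (const char *p = name; ; p++) {
        h = ror32(h, 13) + (unsigned char)*p;
        if (*p == '\0')
            break;
    }
    return h;
}

/* The value pushed before 'call ebp': module hash plus export hash, mod 2^32. */
uint32_t msf_api_hash(const char *module, const char *function) {
    return module_hash(module) + function_hash(function);
}

struct api_name {
    const char *module;
    const char *function;
};

/* Constructed candidate list for this example. A real one would cover the
   exports an analyst expects a payload to resolve. */
static const struct api_name candidates[] = {
    { "kernel32.dll", "LoadLibraryA" },
    { "kernel32.dll", "WinExec"      },
    { "kernel32.dll", "ExitProcess"  },
    { "kernel32.dll", "VirtualAlloc" },
    { "ws2_32.dll",   "WSAStartup"   },
};

/* Returns the index into candidates[] whose hash matches, or -1 if none does. */
int lookup_api_hash(uint32_t hash) {
    size_t n = sizeof candidates / sizeof candidates[0];
    for (size_t i = 0; i < n; i++) {
        if (msf_api_hash(candidates[i].module, candidates[i].function) == hash)
            return (int)i;
    }
    return -1;
}

int main(void) {
    /* Constructed sample: immediates of the kind found before 'call ebp'
       in an x86 Metasploit payload, plus one value that matches nothing. */
    uint32_t seen[] = { 0x0726774C, 0x876F8B31, 0x56A2B5F0, 0xDEADBEEF };
    for (size_t i = 0; i < sizeof seen / sizeof seen[0]; i++) {
        int idx = lookup_api_hash(seen[i]);
        if (idx < 0)
            printf("0x%08X  (unknown)\n", seen[i]);
        else
            printf("0x%08X  %s!%s\n", seen[i],
                   candidates[idx].module, candidates[idx].function);
    }
    return 0;
}
```

Because the module name is folded in uppercase, `kernel32.dll` and `KERNEL32.DLL` produce the same constant, while the export name is case-sensitive; a payload that carries these constants still has to read the export tables to compare hashes, which is the behaviour the talk removes.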