Archive for April, 2010

CCSF CNIT 123 Talk

Sunday, April 18th, 2010

Hi all! I enjoyed sharing a bit of infosec with you on Saturday, and I hope you learned a bit and had some fun.

Here are the slides as a PDF: 200 Milliseconds to Owned

The first “mother may I” exploit was MS06-014. The second demo I did was the more interesting MS10-002, a heap spray used in the Aurora attacks. Symantec has a good writeup. If you actually want to play with either of these, you’ll find them both in Metasploit. You should have little trouble duplicating the demos on XP virtual machines with IE6, and with a little web searching you can probably find a version of the MS10-002 exploit that will work on Vista and IE7 machines.

The small reversing demo with the serial number checking program was from Grab a copy of OllyDbg and start poking around.

Happy hacking!