The focus of anti-virus software on traditional executable files has made stealthy code execution trickier than ever for attackers. To dodge EDR companies' tireless efforts to patch yesterday's problems, the offensive side is now turning toward alternative file formats and execution paths that slip quietly under the radar.
In this talk, we'll demonstrate how you can execute code without relying on traditional executable files (e.g. PE files), by leveraging file formats and interpreters less likely to trigger security alarms. We'll explore some unconventional ways to execute code via commonly installed software that has unexpected code execution possibilities. We'll target a popular media player and installers of many popular software tools.
Through some practical demos, we'll show how these unconventional methods allow for covert execution that bypass traditional AV detections. Why settle for songs when your media player can play your shellcode?
This session will be weld by Cedric Van Bockhaven. Cedric work as offensive researcher and loves solving offensive computer security puzzles, researching new attack vectors, and finding vulnerabilities in obscure technologies. At Outflank, he performs Red Teaming projects and works on the Outflank Security Tooling (OST).
Hvis du vil lære morgendagens angrepsmetoder så vil du ikke gå glipp av dette foredraget!