Confidence - (25-26.05 2010 Krakow)
Language: polski | engish

Sebastian Fernandez

Sebastian Fernandez joined Immunity in 2009. His responsibilities include developing code and exploits for CANVAS. He has also ported many of the features of CANVAS to the x64 architecture including shellcodes, code optimization and backdoors. At the moment he is working on developing new exploitation techniques for Windows x64.

Topic of Presentation: General notes about exploiting Windows x64

Language: English

Abstract: During the last few years, x64 processors have been a growing technology adding performance and memory range to the old 32-bits cores. Nowadays, most of the PCs make use of them, and Microsoft has ported its operating system, Windows, adding several changes and protection measures. Security measures have evolved since Microsoft first operating system release in the 64-bit processor market, Windows XP 64. Most of the protections being developed in previous versions are now enabled by default, making exploit development harder than ever. Also the architecture migration forced us to rewrite shellcodes, allowing ourselves to develop new techniques. The main subject of the presentation will be introducing these differences and the techniques being developed, topics will cover reverse engineering, shellcoding and exploitation in the new-old platform of Microsoft.