48-HOUR ROLLBACK! Save $1,100 on RSAC 2020 with code 80UFLASHWEB.

Parker Garrison

Cybersecurity Engineer, -

Parker Garrison is a GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) and GIAC GDAT, as well as a Toastmasters Advanced Gold Communicator. He is an avid competitor, placing first in the SANS NetWars Tournament and the One-Hour CTF at his most recent RSA Conference. He enjoys the challenge of subverting the intended functionality of systems and implementing resilient defenses, and sharing his knowledge with others. He presented on the subject of buffer overflows and exploit writing at DerbyCon in 2018 and developed the challenges for the first CTF competition at Southeast Linux Fest in 2019 (flagctf.com). Garrison’s passionate teaching style, with targeted interactive live demos, helps attendees learn useful techniques that they can apply to real-life problems outside the session.

USA 2020
Session ID 19403

February 28, 2020
8:30AM - 9:20AM

Modifying Old Exploits to Target Modern Systems

Parker Garrison

When that Metasploit exploit doesn’t work, what do you do? This presentation with live demos will modify an exploit for a commercial application on Windows 7 to work on Windows 10 to bypass ASLR, NX, stack canaries and several new available EMET / Exploit Guard defenses. Immunity Debugger and other free and open-source tools will be used to streamline the process.

Pre-Requisites: Experience programming in a scripting language (we will be editing and writing Ruby and Python cod)e. An understanding of the stack on the x86 architecture will be very helpful.

View Session

48-HOUR ROLLBACK! Save $1,100 on RSAC 2020 with code 80UFLASHWEB.

Modifying Old Exploits to Target Modern Systems

Search