21St Century Shellcode For Solaris presented at ShmooCon 2008

by Tim Vidas,

Tags: Security Forensics

Summary : Solaris shellcode has not really been publicly re-visited in > 5 years. Unlike most *nix and *bsd’s that have a very transparent system call layer, new versions of solaris have taken advantage of the posix abstraction layer and now much smaller shellcode can be developed. We will start out out with a little shellcode 101, then dive in deeper into some solaris internals (as presented to non-solaris people), and finish with some pretty small shellcode payloads - and of course a flashy shellcode demo...ok, that’s just a lie, it’s not very flashy.
Bio
Tim has been focusing research in the field of digital forensics for a few years and now primarily works in the area of trusted operating systems and kernels. In addition to strongly preferring the "R" in R&D, he enjoys teaching and has a wide set of IT-related interests. Tim has a BS and MS in CS, and a few industry certifications. In his free time he toys around with forensic competitions, CTFs, and the like.