SINCON 2021 Conference — Workshop
Day 1 (05 Nov 2021) 11.30am—5.30pm @ Workshop Room — Max Capacity: 20 pax
Implementation of One-Way Shellcoding in Windows 64-bit Systems
Abstract
Generally, the traditional reverse/bind shell shellcodes generated by exploit frameworks like MSFvenom do not work as expected when the vulnerable server is behind a firewall. Because the firewall rules block all inbound and outbound connections to/from the server except for the vulnerable service port, we can communicate only with the port used by the vulnerable service. This scenario makes it very challenging for penetration testers and red teams to obtain a shell from the server, because connections to/from all other ports on the server are blocked.
The goal of the workshop is to construct and demonstrate a shellcode that will work with such firewall restrictions and provide a shell from the server behind the firewall.
Pre-Requisites/Reading
64-bit Shellcoding: https://www.coalfire.com/the-coalfire-blog/september-2020/the-basics-of-exploit-development-5-x86-64-buffer
One-Way Shellcoding: https://www.blackhat.com/presentations/bh-asia-03/bh-asia-03-chong.pdf
32-bit Implementation of One-Way Shellcode: https://infosecflash.com/2021/06/11/rebind-socket-shellcode/
About Arnold Anthony & Sristi Lakshmi Sravana Kumar
ARNOLD ANTHONY is currently working as a Manager and has 7+ years of experience in information security. He is a security enthusiast who believes in sharing knowledge. He enjoys reverse engineering, pentesting, incident response, red/blue teaming, and scripting. In his free time, he does bug bounties and currently ranks amongst the top 350 researchers at Bugcrowd. He also holds the OSCP, OSCE, OSEE, OSWP, OSWE, CRTE, PACES certifications.
SRISTI LAKSHMI SRAVANA KUMAR is a Security Analyst and has 5+ years of experience in the field of Cybersecurity. He holds a Master of Science degree in Electrical Engineering from the National University of Singapore (NUS) and the CREST-CRT, OSCP, OSCE, and CRTE certifications. He is interested in offensive security topics like reverse engineering, exploit development, and malware analysis. He has co-authored several research papers on the topics of Embedded Device Security and Cybersecurity published in several international conferences and journals.