Arbitrary Code Mitigations and Remote Procedure Code Reuse Attacks

Explore the evolution of exploit development techniques in response to Microsoft's arbitrary code execution mitigations in this 25-minute conference talk from Ekoparty 2019. Delve into how attackers can construct complex payloads using code reuse techniques, despite restrictions on injected code execution. Learn about the emerging Remote Procedure Call based exploitation model, which enables the creation of modular, maintainable, and target-independent payloads with minimal code reuse. Gain insights from security researcher Adrián Barreal of the Information and Communication Technology Security Program (STIC) at Dr. Manuel Sadosky Foundation, Argentina, as he discusses strategies for keeping exploit development costs low in the face of enhanced security measures.

Adrián Barreal - Arbitrary Code Mitigations and Remote Procedure Code Reuse Attacks - Ekoparty 2019