Hijacking Arbitrary .NET Application Control Flow

DEF CON 23

Presented by: Topher Timzen
Date: Sunday August 09, 2015
Time: 12:00 - 12:50
Location: DEF CON 101

This speech will demonstrate attacking .NET applications at runtime. I will show how to modify running applications with advanced .NET and assembly level attacks that alter the control flow of any .NET application. New attack techniques and tools will be released to allow penetration testers and attackers to carry out advanced post exploitation attacks.

This presentation gives an overview of how to use these tools in a real attack sequence and gives a view into the .NET hacker space.

Topher Timzen

Topher Timzen has had a research emphasis on reverse engineering malware, incident response and exploit development. He has instructed college courses in malware analysis and memory forensics while managing a cybersecurity research lab. Focusing on .NET memory hijacking, he has produced tools that allow for new post exploitation attack sequences. Topher is currently a Security Researcher at Intel. Twitter: @TTimzen


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats