Description: We all remember the huge chaos which ensued when Michael Lynn decided to talk about Cisco IOS exploitation techniques in Blackhat 2005. After that storm, there seemed to be a lull for quite sometime. This presentation is aimed at stirring up things a little bit :) Given at Blackhat 2008 by Gyan Chawdhary and Varul Uppal from IRM, "Cisco IOS Shellcodes/Backdoors" takes an in-depth look into how to create Shellcode for IOS. The presentation is very detailed and takes us through IOS image reversing, debugging, IOS shellcode developement tools, building shellcodes, bypassing checkheaps() and discusses various threat scenarios and potential impact. Unforunately, the only thing it does not do is demo an actual exploit, which is quite understandable as Gyan and Uppal did not want to go to jail :) . This presentation is very interesting to me as I am an ex-Cisco guy and I just finished creating an entire video series on Buffer Overflow and Shellcoding techniques. :) <br><br>The presentation is available here and a high resolution video can be downloaded here. <br><br><br><style type="text/css">body { background: #FFF; } </style> </div>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.