This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, July 29 • 1:45pm - 3:00pm
Erez Metula: Managed Code Rootkits

Sign up or log in to save this to your schedule and see who's attending!

This presentation introduces a new concept of application level rootkit attacks on managed code environments, enabling an attacker to change the language runtime implementation, and to hide malicious code inside its core. Taking the ".NET Rootkits" concepts a step further, while covering generic methods of malware development (rootkits,backdoors,logic manipulation, etc.) for the .NET framework and Java's JVM, by changing its behavior. It includes demos of information logging, reverse shells, backdoors, encryption keys fixation, and other nasty things.
This presentation will introduce the new version of ".Net-Sploit" - a generic language modification tool, used to implement the rootkit concepts. Information about .NET modification - The Whitepaper, .NET-Sploit, and source code can be found here.

Wednesday July 29, 2009 1:45pm - 3:00pm
Augustus Ballroom 1-2

Attendees (84)