The technique which we will describe in great technical detail, targets a vulnerability within EMET which allows our exploit to trigger it's protections without being stopped. This technique is unique in that it does not attempt to skip over or avoid EMETs protections, instead it corrupts critical components of EMET at runtime making it unnecessary for the rest of the attack to be aware of it's existence. We'll discuss the internal workings of EMET and what happens under the hood when a protection is triggered. This talk will also discuss the currently known EMET bypasses and which ones are still relevant.

As a member of the Research and Innovation team, Spencer McIntyre works to discover vulnerabilities within organizations systems and understand underlying risks. Mr. McIntyre balances his focus between vulnerability and in-house tool development. During his time with SecureState, Mr. McIntyre has worked with a variety of clients across multiple industries, giving him experience in how each secures their data and the threats that they encounter. Mr. McIntyre uses his background in software development to help him to understand and exploit the underlying logic in the software he encounters. He is active in the open source community, making multiple contributions to a variety of projects such as the Metasploit Framework and Scapy.

Back to Bsides Cleveland 2014 video list