The purpose of this talk is to get a better understanding of using a
debugger and looking at the low-level process of exploiting a software
vulnerability. We will be visiting our faithful old friend, ms08_067.
First, we will look at the structure of the metasploit module and the
functions that make it up. Then we will move to the victim’s system
where we will be firing up a debugger and taking a look at the
vulnerable process, library and function. Next, we will launch the
metasploit module from our attack system and watch the memory
corruption. Finally, we’ll follow the exploit as it disables DEP in
the acgenral.dll module and then finally jump to our shellcode for a win.
Speakers
John Degruyter

Back to Hack3rcon 4 video list