By- July 15, 2014
Binary exploitation might seem like a strange topic for a blog that's historically focused on web-security topics like xss'ing the entire internet or securing embedded content with iframes, but it's one that much of our company is passionate about. Just last week, we presented a talk at Secuinside in Korea, on writing cross-platform exploits.
As the internet of things becomes less a buzzword, and more a reality, we're noticing that it's growing increasingly common to see embedded software which runs across different architectures - whether that means the same router firmware running across different models, or the operating system for a smart TV being used by different manufacturers. In a world where even your toaster might have internet access, we suspect that the ability to write cross-platform shellcode is going to transition from merely being a neat trick, to becoming a viable tool in an attacker's arsenal.
Writing cross-platform shellcode is tough, but there's a few techniques you can use to simplify the problem. Our talk discusses one such method, which we used to great success during the DEFCON CTF qualifiers this year.
The slides get a little theoretical at parts, and require a little bit of background in writing shellcode to fully follow, but if the topic interests you, our two most glowing recommendations would be to take a look at Microcorruption and The Shellcoder's Handbook. The first is a self-contained CTF by the brilliant engineers at Matasano Security and Square, which acts as an incredible introduction to embedded security. The second is a shockingly thorough guide to writing shellcode; in a little less than 800 pages you'll progress from learning what a buffer overflow is, to analyzing actual vulnerabilities in old versions of the Windows kernel. Happy hacking!
Tinfoil Security provides the simplest security solution. With Tinfoil Security, your site is routinely monitored and checked for vulnerabilities using a scanner that's constantly updated. Using the same techniques as malicious hackers, we systematically test all the access points, instantly notifying you when there's a threat and giving you step-by-step instructions, tailored to your software stack, to eliminate it. You have a lot to manage; let us manage your website's security.