Stock shell codes reaching use-by date

Powered by SC Magazine
 

Ty Miller sells shell at BlackHat.

The chief technology officer of a Sydney-based penetration testing firm has warned of an increasing obsolescence of stock shell codes used in penetration testing and hacking, calling on infosec professionals to begin writing their own variants.

Pure Hacking's Ty Miller told SC that stock shell codes, such as that used in the popular Metasploit Framework, had become less suitable for penetration attempts, often hitting firewalls and authentication systems.

They were designed to exploit mail and other servers but most targets had since moved to client software.

“These days we’re attacking software like Adobe, trying to break out of it,” Miller told SC. “Your custom shell will do things like tunnel out through DNS, or over FTP, without unintentionally hitting firewalls.”

Custom-built shell codes were of greater value, he said, as they outlived the typical three-month half-life of an individual exploit.

Shell code is a payload of software exploits that operates from a command shell. It gives more capability to an attacker and remains effective longer than exploits alone, which might be patched quickly.

Shell code could be reused in most exploits and remained viable for up to a decade.

Though most infosec professionals were used to running stock shell code, Miller said custom code was far more effective and capable.

Miller has focused in past years on building custom shell code rather than exploits. He had integrated a number of the applications with Metasploit to take advantage of the frameworks’ 600-plus exploits.

He will run a two-day training course on how to build custom shell code and integrate with Metasploit at the BlackHat conference in Las Vegas next week.

It will examine all types of shell code, Miller said, including dynamic shell code, portbind, connectback, egghunt, and command execution.

Copyright © SC Magazine, Australia


Stock shell codes reaching use-by date
 
 
 
Top Stories
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
What InfoSec can learn from the insurance industry
[Blog post] Another way data breach laws could help manage risk.
 
A ten-point plan for disrupting security
[Blog post] How can you defend the perimeter when it’s in the cloud?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1041

Vote