Shellcode Via VBScript/JScript Implications

DerbyCon 7.0 - Legacy

Presented by: Casey Smith (@infosecsmith2)
Date: Friday September 22, 2017
Time: 17:00 - 17:25
Location: Stable Talks

This talk will explore a recent discovery of being able to execute shellcode and make Win32 api calls from the Windows Script Host. This will be a deep dive case study of executing shellcode via an HTA file. We will discuss patterns fro execution and detection. There are many other applications that you can be applied using these techniques. This talk will be of interest for Red Team and Blue Team.

Casey Smith

Casey Smith has a passion for understanding and testing defensive systems. @subTee


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats