ROP Is Not a Problem Anymore: Automatic Shellcode Detection in Network Traffic

Author: Svetlana Gayvoronskaya

Co-author: Ivan Petrov

This report covers the analysis of ROP shellcode found in public databases (Metasploit, Exploit-DB, etc.) and of modern ROP shellcode generators. It also focuses on a utility that uses static and dynamic analysis to detect ROP shellcode for the x86 architecture in the traffic of high-speed networks.

Svetlana Gayvoronskaya is a security specialist at Microsoft. She holds a Ph.D. in Physics and Mathematics and graduated from the Faculty of Computational Mathematics and Cybernetics of Moscow State University. She has spoken at Defcon, Black Hat, HITB, and PHDays.

Ivan Petrov is a senior student at the Faculty of Computational Mathematics and Cybernetics of Lomonosov Moscow State University, interested in reverse engineering and mobile security. He studies the exploitation potential of ARM devices and writes Metasploit modules. He has spoken at PHDays, Defcon, HITB, and RusCrypto.

