Canberra

Details

When Friday 19th June 2015
Where CSIT Seminar Room, N101, CSIT Building, Building (108), North Road, ANU
Time 6:00 PM
After Talks Uni Pub, 17 London Circuit
Organisers Silvio Cesare, Andrew Muller, Brian Candlish
Contact canberra@ruxmon.com
Save Event

Notification List

Please sign up to our email notification list for advanced notification of planned Ruxmon events and presentation details.

Location


Presentations

Meterpreter Internals - OJ Reeves

Level: Beginner

Even though many penetration testers across the planet make use of Metasploit on a daily basis, most of them don’t really understand how it works. Even fewer know how Meterpreter works, despite using it as their go-to payload when attacking systems with Metasploit. Meterpreter tends to be considered as a big box of black magic and this perception tends to stop people from digging into its innards to see how it works.

The goal of this talk is to change this perception and educate people about this amazing piece of code. Meterpreter is not black magic despite the difficulty of the features that provides. In this talk I will explain what it is, what it’s made of, and how some of its more interesting features work under the hood. I’ll explain the exploitation process and walk through the stagers, stages and how Meterpreter gets itself set up in memory while doing everything it can to be as forensically silent as possible. I will also show some of the more recent changes to Meterpreter that will make persistence easier and reduce the number of lost shells.

Don your thinking cap, as there’ll be Ruby, C and Assembly dumps to consume. By the end, the audience will realise that Meterpreter is nowhere near as hard to understand as once thought, and hopefully they’ll be inspired to dive in further and perhaps contribute something of their own.

Bio

OJ Reeves is flying down from the Sunshine Coast to present. Apart from pentesting, red teaming, and general hacking shenanigans OJ has recently been engaged by Rapid7 to lead the charge in some exciting changes with meterpreter within the Metasploit project - so who better to give an awesome talk on its internals.


Archive

When Title Speaker Materials

Friday 19th June 2015

Meterpreter Internals

OJ Reeves

Not available

Friday 19th June 2015

Not available

Friday 19th September 2014

Registry Inception

Ben Wilson

Not available

Friday 19th September 2014

Catching Flies with vinegar; Fighting cyber attacks with HoneyPots

Alec Langford

Not available

Friday 22nd August 2014

Automated Unpacking: A Behaviour Based Approach

Karl

Not available

Friday 22nd August 2014

Not available

Friday 18th July 2014

Analysing Pager Messages for Fun and Profit

Faz

Not available

Friday 18th July 2014

Not available

Friday 20th June 2014

Cgilua vuln

James Mouat

Not available

Friday 20th June 2014

The Modern Response: Hacker vs Defender

George Stewart

Not available

Friday 16th May 2014

Welcome To My PhD

Paul Black

Not available

Friday 16th May 2014

Incident Response with CrashCart

Frank Bruzzaniti

Not available

Thursday 17th April 2014

A Decade of Building Security In

Jacob West

Not available

Thursday 17th April 2014

Breaking the Security of Physical Devices

Silvio Cesare

Not available

Supported By