Here follows a partial list of the ISG’s publications. You can complete it by following the dblp links of each member in the Team page.
2019
|
Barral, Hadrien, Géraud-Stewart, Rémi, Jaloyan, Georges-Axel The ABC of Next-Gen Shellcoding Presentation 11.08.2019. Abstract | Links | BibTeX @misc{Defcon27,
title = {The ABC of Next-Gen Shellcoding},
author = {Hadrien Barral and Rémi Géraud-Stewart and Georges-Axel Jaloyan},
url = {https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Barral
https://www.youtube.com/watch?v=qHj1kquKNk0},
year = {2019},
date = {2019-08-11},
abstract = {Shellcodes are short executable stubs that are used in various attack scenarios, whenever code execution is possible. After briefly recalling how they work in general and what interesting things they can do, besides obviously running a reverse-shell, we'll have to deal with the reality that shellcodes are usually not particularly stealthy, due in part to the very suspicious presence of non-printable characters. In a tutorial-like fashion, we'll address increasingly more complex constraints. As a reward, we reveal new methods for writing in particular alphanumeric shellcodes and attacking platforms for which (to the best of our knowledge) no such shellcode was previously known.
Don't know anything about constrained shellcodes? Do not worry: we'll start from the ground up. Black-belt in shellcoding? We have you covered, stay until the end were we'll get our hands dirty!},
keywords = {},
pubstate = {published},
tppubtype = {presentation}
}
Shellcodes are short executable stubs that are used in various attack scenarios, whenever code execution is possible. After briefly recalling how they work in general and what interesting things they can do, besides obviously running a reverse-shell, we'll have to deal with the reality that shellcodes are usually not particularly stealthy, due in part to the very suspicious presence of non-printable characters. In a tutorial-like fashion, we'll address increasingly more complex constraints. As a reward, we reveal new methods for writing in particular alphanumeric shellcodes and attacking platforms for which (to the best of our knowledge) no such shellcode was previously known.
Don't know anything about constrained shellcodes? Do not worry: we'll start from the ground up. Black-belt in shellcoding? We have you covered, stay until the end were we'll get our hands dirty! |
Barral, Hadrien, Géraud-Stewart, Rémi, Jaloyan, Georges-Axel, Naccache, David RISC-V: #AlphanumericShellcoding Inproceedings 13th USENIX Workshop on Offensive Technologies (WOOT 19), {USENIX} Association, Santa Clara, CA, 2019. Links | BibTeX @inproceedings{Barraletal2019,
title = {RISC-V: #AlphanumericShellcoding},
author = {Hadrien Barral and Rémi Géraud-Stewart and Georges-Axel Jaloyan and David Naccache
},
url = {https://www.usenix.org/system/files/woot19-paper_barral.pdf},
year = {2019},
date = {2019-08-08},
booktitle = {13th USENIX Workshop on Offensive Technologies (WOOT 19)},
publisher = {{USENIX} Association},
address = {Santa Clara, CA},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
|
2016
|
Barral, Hadrien, Ferradi, Houda, Géraud-Stewart, Rémi, Jaloyan, Georges-Axel, Naccache, David ARMv8 Shellcodes from 'A' to 'Z' Inproceedings Proceedings of the 12th International Conference on Information Security Practice and Experience, pp. 354–377, Springer-Verlag, Berlin, Heidelberg, 2016, ISBN: 978-3-319-49151-6. Links | BibTeX @inproceedings{Barral2016,
title = {ARMv8 Shellcodes from 'A' to 'Z'},
author = {Hadrien Barral and Houda Ferradi and Rémi Géraud-Stewart and Georges-Axel Jaloyan and David Naccache},
url = {https://link.springer.com/chapter/10.1007/978-3-319-49151-6_25
https://arxiv.org/abs/1608.03415
},
isbn = {978-3-319-49151-6},
year = {2016},
date = {2016-08-01},
booktitle = {Proceedings of the 12th International Conference on Information Security Practice and Experience},
pages = {354--377},
publisher = {Springer-Verlag},
address = {Berlin, Heidelberg},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
|