addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupsimageimagesinstagramlinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1outlookpersonJoin Group on CardStartprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

Ownage From Userland: Process Puppeteering

  • Sep 18, 2013 · 5:30 PM
  • This location is shown only to members

This offensive talk highlights a myriad of sneaky methods for manipulating processes on owned boxes. The talk will focus on tricks which can happily execute from userland and has a broad spectrum of applications which include ring-3 rootkit development, game hacking, virus development, and software augmentation.

Bio: Nick Cano is a twenty year-old reverse engineer and software developer, with eight years of experience in software development and game exploitation. Along side his day job as a Programmer Analyst, Nick also runs a game hacking company which produces autonomous software capable of not only playing games, but also completely manipulating their environment and control flow. His experience includes malware analysis, binary reverse engineering, Windows system internals manipulation, userland rootkit development, and software automation.

Join or login to comment.

  • Nick C.

    Here's a link to some projects which use some of these methods:

    http://xenobot.net/downloads/own.rar

    September 27, 2013

  • Maurice

    Great presentation by Nick Cano! At once fascinating, and downright scary as he discussed several approaches to manipulating processes. I can't wait to try some of these techniques! Muah ha ha ha haaaa! Muah ha ha ha haaaa!

    September 22, 2013

11 went

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy