DEFCON 18 Hamiel Wielgoszewski Offensive Python

7/21/2019 DEFCON 18 Hamiel Wielgoszewski Offensive Python

1/43


2/43

!"#$"% '"()*+,-)%.)/"+ 01%23+#"%#

4221.)"#* ,-15*221- "# 647

8"-.)% 9)*+:12;**.3-)#? @%:)%**-


3/43

"#$%&'(# )' *))$+ (&' , -&%$. /&'0 1)2# 3#)3$# *#+4'5 6#7 &33+ 8#'9)2+ 3$&0 (&*(:;


4/43


5/43

F&'5


6/43


7/43

6N&D

=3%O#A2)P0+E$1&3

A2)P0=*2%O#

6&3%4

+#J$&C#

=(&30

/)'O#0-%+*

A(&30

/0R&M B9&30*:)'


8/43

QA0*:)' :L3STT30*:)'U)25

V0*:)' :L3STTI0*:)'U)25

B2)'A0*:)' :L3STT%2)'30*:)'U'#*


9/43

=*&2* 6%*: :L3STT30*:)'U)25 :L3STT9)(+U30*:)'U)25T :L3STT9)(+U30*:)'U)25T*


10/43

K&$O $%O# & 9


11/43

>#"%A"-A B)C

:L3$%7


12/43

:L3$%7 =*&'9&29 \YYA /)9


13/43


14/43

aP&13$#+


15/43

A#2D)21 *2&'+%4)' 1&5%( b"F #'()9%'5 &'9 a+(&3%'5

=*2%'5 1#*:)9+ ]7&+#^c T :#P T 2)*dNe #*(_ >&*& 2#32#+#'*&4)'+ ]9#(%1&$+ T #'44#+ T #*(_

>:&21&a'()9#2 A2)M%9#+ 1#*:)9+ *) #'()9# &'9 62&3 M&$


16/43


17/43

>) *:# $#56)2O f')6 0)


18/43

K#7 D


19/43

J&+%( 2#E


20/43

-%2+* *:%'5+ G2+* >#*#21%'# ()'*#'* *03#e )'X*


21/43


22/43

=*&*# B++


23/43

=#$#'%


24/43

-%2#D)P T gbF"


25/43

"#'9#2 2#*


26/43


27/43

Y2&9%4)'&$ j=B

=


28/43

aP&13$#


29/43

B9#'4D0 %++


30/43

A0@/- %+ 1)+* 3)3


31/43

=*&2* 6%*: & +%13$# A0*:)' 9#+%5' 3&L#2'"#$%% &$"'()*+(,-."'/0

1.2 33454'33+%.#26 7$)8%6 779:$)8%/0

%.#2;3314"'33;


32/43

k)


33/43

Q)'M#2* 7#*6##' A0*:)' M&$


34/43

U8 = unsigned 8-byte integer

U16 = unsigned 16-byte integer

UTF-8 = U16 * (UTF8-char) ; as defined in RFC3629

DOUBLE = 8-byte IEEE-754 double precision

; floating point in network byte order

msg = message-count parameters

message-count = U16

parameters = number-type | boolean-type | string-type

number-marker = 0x00

boolean-marker = 0x01

string-marker = 0x02

number-type = number-marker DOUBLE

boolean-type = boolean-marker U8

string-type = string-marker UTF-8


35/43

K2%*# *:# &332)32%&*# *03#;1&2O#2 *) 7


36/43

"#&9%'5 %+ I


37/43

K2%4'5 & J))$#&'1.2 :)4'.3,((#+,


38/43

A&2+%'5 & J))$#&':F4#. =(% G #.5+,


39/43

K2%4'5 & =*2%'51.2 :)4'.3%')458+,


40/43

A&2+%'5 & =*2%'5:F4#. =(% G #.5+,


41/43

k)< 1&0 :&M# ')4(#9 *:&* 6# 62)*# & +%13$#+*&*#;1&(:%'#

@ :F4#.$))3 *:&* %*#2&*#+ )M#2 & 7


42/43

1.2 1."(1.+,$)9.)

.#42 %'$'. JJ ?[\X]ZV?0 W =$)%. 5,.)

.#42 %'$'. JJ ?]^^_?0 W =$)%. ,((#.$5

.#42 %'$'. JJ ?STV`[a?0 W =$)%. %')458


43/43

DEFCON 18 Hamiel Wielgoszewski Offensive Python

Documents

Transcript of DEFCON 18 Hamiel Wielgoszewski Offensive Python