David Litchfield's Weblog

Home
Archives
NGSSoftware
DatabaseSecurity.com


Greymatter Forums

October 2007
SMTWTFS
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      

Valid XHTML 1.0!

Powered By Greymatter

RSS 1.0 FEED
RSS 2.0 FEED
Atom 0.3 FEED
Powered by gm-rss 2.0.1
Home » Archives » October 2007 » Memory-resident backdoors in Oracle / Deepsec conference.

[Previous entry: "Reinventing the wheel... and Oracle passwords"] [Next entry: "0wned by the lowly Oracle rowid pseudo function?"]

10/30/2007: "Memory-resident backdoors in Oracle / Deepsec conference."


I finished my code for the upcoming Deepsec conference in Vienna (November 20th-23rd). I'm presenting a discussion on memory-resident backdoors in Oracle (I will refrain from calling them "rootkits"). The code I wrote exploits a buffer overflow using ASCII armoured shellcode that dynamically creates a decoder which decodes the backdoor and then executes it. The talk will present this and look at potential defences. As the backdoor never touches the file system or any database objects it's much harder to spot than previously presented Oracle "rootkits". See you in Vienna - be there or be square wink