16. Mettle
Portable POSIX payload
Runs on MIPS routers, Android phones, and desktop Linux
Uses Meterpreter protocol
Brent and Adam will cover this more Sunday at 13:00
16
17. Mainframes
Lots of work by Soldier of Fortran and Bigendian Smalls
Payloads
Auth’d RCE via job system
17
22. Not a traditional encoder
Embeds x86 shellcode in an existing BMP image
XOR’d and Stego’d across all the bits
Modifies the header so the BMP itself is executable shellcode
encoder/x86/bmp_polyglot
22
29. Privilege Escalation on Windows
ms16_016_webdav
ms16_032_secondary_logon_handle_privesc
windows/local/applocker_bypass
windows/misc/regsvr32_applocker_bypass_server
29