ringzerø

★ TALK ★

Marion Marschalek

Compiler Backdooring for Beginners

Friday, 23 February

45 mins

ABSTRACT

Ever wondered how compiler mitigations are built? Or how a sophisticated build chain attack can target a compiler to place backdoors and other miscreants? Wonder no more, this talk shows you how to build your own compiler pass, and modify any source code you build to your liking. We'll learn how source code makes its way through the different stages of a compiler into its final binary form, how compilers perform modifications and optimizations of the code, and how they translate their view of the code to a given architecture's binary representation. Attendees will see how some mitigations everybody knows and loves are actually implemented, and how to implement a Clang plugin themselves to sneak a backdoor into otherwise perfectly secure code.

Marion Marschalek is a Senior Security Engineer where she advises efforts to build threat detection solutions based on machine learning and AI. Previously she held an offensive security research position at Intel and different roles in the threat detection industry, as a malware reverse engineer and incident responder. Marschalek is the founder of BlackHoodie, a hacker bootcamp for women, which is established as a global initiative to attract more diverse talent to the security industry.