Dailydave mailing list archives

Hacking with backup
From: Dave Aitel <dave () immunitysec com>
Date: Wed, 21 Sep 2005 09:14:10 -0400

One of the things I think is going to be interesting about the next generation of exploit frameworks is that there's going to be much more interactivity with server-side platforms. For example, when writing a non-executable stack exploit, you often want to automatically analyze the process environment to create a chain of returns that will perform a particular action. This can be done as a sort of hash table by versions, or it can be done on a case-by-case basis.

But doing attacks correctly on a case-by-case basis requires a disassembler and a powerful emulation or analysis engine. This sort of thing is something you want to maintain on a real server, updated as often as necessary, and only establish connectivity to it when you need it.

This is just one example, but everyone can think of other cool ones as well - cracking boxes, documentation servers, dns tunnels, etc. The more you write exploits with the idea that you can get real iron when you need it, the more you need it. And, of course, we're opening the whole framework, using open protocols and tools, to let anyone build a business by offering these services.

-dave
