05.01.2014

Collecting Shellz by the C-Side - Hacker Halted


Collecting Shellz by the C-Side

Presented by

Rob Kraus

Jose Hernandez


Traditional Assessments


Client Side Attacks


Anatomy of a C-Side

Attack initiated with phishing emails to drive users to malicious web sites that are infected with malware.

Malware exploits IE vulnerability and downloads to user's system.

Malware opens backdoor that gives full access to user's system.

Attacker uses access to create other backdoors and gain access to sensitive data.


Phases of an APT

1. Planning & Info Gathering
2. Attack & Compromise (Breach)
3. Establish Command & Control
4. Authorization & Credential Theft
5. Manual Exploitation & Info Gathering
6. Data Exfiltration
7. Maintain Persistence


Anatomy of C-Side Attack


Choosing an Enemy


Penetration Tests


Penetration Tests


Test Scenarios


End-Point Protection


Egress Filtering


Fun With PDFs


Information Gathering - Metagoofil


Metagoofil


Information Ga<strong>the</strong>ring


Social Networks


Metasploit


Exploit a Vulnerability


DLL Planting


DLL Planting


DLL Planting


Malicious Website


Citrix


Citrix External Login


Citrix External Login


Defensive Considerations

Perimeter Defense:
Mail Gateway AV
Network Proxies
Content Filtering
Network Monitoring
Egress Filtering

Client-Side Defense:
Patch Management
Desktop AV/Firewall
Employee Education


Conclusion

Rob Kraus
Manager, Security Consulting Services
Email: robkraus@solutionary.com
Twitter: @robkraus

Jose Hernandez
Security Consultant
Email: josehernandez@solutionary.com
