Stegosploit - Exploit Delivery with Steganography and Polyglots

Presented at Black Hat Europe 2015, Unknown date/time (Unknown duration).

"A good exploit is one that is delivered with style."Stegosploit creates a new way to encode "drive-by" browser exploits and deliver them through image files. These payloads are undetectable using current means. This talk discusses two broad underlying techniques used for image based exploit delivery - Steganography and Polyglots. Drive-by browser exploits are steganographically encoded into JPG and PNG images. The resultant image file is fused with HTML and Javascript decoder code, turning it into an HTML+Image polyglot. The polyglot looks and feels like an image, but is decoded and triggered in a victim's browser when loaded. The Stegosploit Toolkit v0.3, to be released with improvements upon existing v0.2, contains the tools necessary to test image based exploit delivery.


Presenters:

  • Saumil Shah - Net-Square
    Saumil Shah, a veteran Black Hat instructor, is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker and instructor, having regularly presented at conferences like Black Hat, RSA, CanSecWest, 44CON, Hack.lu, Hack-In-The-Box, NoSuchCon, REcon, and others. Saumil has been the co-developer of the wildly successful "Exploit Laboratory" courses that he teaches all over the world. He has also authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book." Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world, and taking pictures.

Links:

Similar Presentations: