MetaPhish

Presented at DEF CON 17 (2009), Aug. 1, 2009, 2 p.m. (110 minutes)

Attackers have been increasingly using the web and client side attacks in order to steal information from victims. The remote exploit paradigm is shifting from the open port to the browser and email client. Penetration testers need to take these techniques into account in order to provide realistic tests. In the past several years there have been numerous presentations on techniques for specific client side attacks and vulnerabilities. This talk will focus on building a phishing framework on top of Metasploit that pen testers can use to automate phishing and increase their overall capabilities. We will also cover some techniques for SpearPhishing on pen tests, second stage backdoors, and extensive communication over TOR.

Presenters:

• Colin Ames - Security Researcher
  Colin Ames is a security researcher with Attack Research LLC where he consults for both the private and public sectors. He's currently focused on Pen testing, Exploit Development, Reverse Engineering, and Malware Analysis.
• Valsmith - Attack Research, LLC., CEO
  Val Smith has been involved in the computer security community and industry for over ten years. He currently works as a professional security researcher on a variety of problems in the security community. He specializes in penetration testing, reverse engineering and malware research. He works on the Metasploit Project as well as other vulnerability development efforts. Most recently Valsmith founded Attack Research which is devoted to deep understanding of the mechanics of computer attack. Previously Valsmith founded a public, open source malware research project.
• David Kerb - Security Researcher
  David Kerb has worked in the computer security arena for the past ten years. He has specialized in Reverse Engineering, Malware research, and penetration testing. During the past ten years he has worked with various places including Offensive Computing, a Malware Research Company. He is currently helping found Attack Research which is set up to help understand the internals of attacks. Dave Kerb has focused on *nix systems and enjoys figuring out how to abuse various trust relations between *nix systems.

Links:

• https://defcon.org/html/defcon-17/dc-17-speakers.html#Valsmith
• https://infocon.org/cons/DEF CON/DEF CON 17/DEF CON 17 video and slides/DEF CON 17 - Valsmith Colin Ames and David Kerb - MetaPhish - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=3DYOMkkTK4A

Similar Presentations:

• HOPE Number Nine (2012) / Why Browser Cryptography is Bad and How We Can Make It Great
• CarolinaCon 11 (2015) / Anatomy of Web Client Attacks
• DEF CON 16 (2008) / Pen-Testing is Dead, Long Live the Pen Test