Presented at DEF CON 18 (2010), Aug. 1, 2010, noon (50 minutes)

PowerShell is as close to a programming language as we are going to get through a command line interface on Windows. The ability to perform almost any task we want through Windows is a huge benefit for systems administrators... and hackers. During this presentation we'll be releasing a new attack vector through PowerShell that allows you to deliver whatever payload you want through PowerShell in both a bind and reverse type scenario and drop any executable. In addition, we will also be releasing a brand spanking new Metasploit module that incorporates the new attack method. This presentation is focused on showing the security implications and concerns with PowerShell and how we may be seeing a lot more attacks on something that has generally not been a focus for discussion. PowerShell... omfg.


  • David Kennedy / ReL1K - Hacker   as David Kennedy (ReL1K)
    David Kennedy (ReL1K) is a security ninja who likes to write code, break things, and develop exploits when he has spare time. Heavily involved with BackTrack and the Social-Engineer Framework, David continues (and strives) to contribute to a variety of open-source projects. David has had the privilege of speaking at some of the nation's largest conferences, including Defcon and Shmoocon. David is the creator of the Social-Engineer Toolkit (SET), Fast-Track, modules/attacks for Metasploit, and has (responsibly) released a number of public exploits, including attacks that affect some of the largest software vendors in the world. David heavily co-authored the Metasploit Unleashed course available online and has a number of security-related white papers in the field of exploitation. Currently David is a Director and Regional Security for an international multi-billion-dollar Fortune 1000 organization and is in charge of ensuring that security is maintained in over 60 different countries. He has a team of highly skilled security professionals that ensure the organization's systems are protected against attack. Prior to his current responsibilities at his current employer, David was a Partner and Vice President of a large information security consulting firm where he led a team of highly skilled and trained security professionals and performed thousands of penetration tests and security assessments across the world for a number of large Fortune 100, 500, and 1000 organizations. Lastly, David served as a United States Marine working directly for the intelligence community and deployed twice to Iraq in support of Operation Iraqi Freedom, where he was the youngest Marine to receive multiple awards for recognition for going above and beyond in his battalion. David also developed a number of highly technical and cutting-edge systems for the Marine Corps that were utilized on missions across the world. Towards the end of his military career, David was an instructor for the intelligence community on security-related programs. Twitter: @dave_rel1k
  • Josh Kelley / Winfang - Hacker   as Josh Kelley (Winfang)
    Josh Kelley (Winfang) is an Enterprise Security Analyst for a Fortune 1000 company where his primary responsibilities are web application security, incident response, vulnerability management, and ensuring that the organization is protected against attack. Much of this is understanding the latest attack vectors and establishing a defense against a large international target. Josh has recently been working on exploit development and vulnerability research. Josh currently holds the SANS' GSEC and GCIH certifications and is undergoing the Offensive-Security Certified Professional certification.

