Network Nightmare: Ruling The Nightlife Between Shutdown And Boot With Pxesploit

Presented at DEF CON 19 (2011), Aug. 7, 2011, 4 p.m. (50 minutes)

The best techniques for exploitation, maintaining access, and owning in general move down the stack, using low-level code to bypass security controls. Take the preboot execution environment and get bios-level access to the hardware from across the network, outside any control of the on-disk operating system. In this presentation I will detail the pxesploit attack I wrote, releasing a new metasploit-based comprehensive PXE attack toolkit to deliver any payload reliably to many different operating systems. Also new will be the ability to host a PXE attack through a meterpreter session in memory, using it to escalating privileges and own remote networks.

Presenters:

• Matt Weeks / scriptjunkie - Researcher   as Matt "scriptjunkie" Weeks
  Matt Weeks has performed research in mathematics in chaos and cryptology, and focuses on information security. He enjoys finding ways to break application security, writing shellcode, and creating post-exploitation techniques. Also known as scriptjunkie, he is a developer for the Metasploit framework, wrote the sessionthief MITM tool, and broke a cryptosystem based on chaos theory. He runs a blog at http://www.scriptjunkie.us/ Irc:scriptjunkie

Links:

• https://defcon.org/html/defcon-19/dc-19-speakers.html#Weeks
• https://www.youtube.com/watch?v=tKh4l0jU0U8

Similar Presentations:

• Black Hat USA 2010 / Microsoft Powershell - It's time to own
• 30C3 (2013) / Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
• 44CON 2016 / Universal Serial aBUSe: Remote Physical Access Attacks