Owning Bad Guys {And Mafia} With Javascript Botnets

Presented at DEF CON 20 (2012), July 28, 2012, 11 a.m. (50 minutes)

Man in the middle attacks are still one of the most powerful techniques for owning machines. In this talk MITM schemas in anonymous services are going to be discussed. Then attendees will see how easily a botnet using javascript can be created to analyze that kind of connections and some of the actions people behind those services are doing... in real. It promises to be funny.


Presenters:

  • Manu "The Sur" - Penetration Tester, Informatica64
    Manu has been working in all security areas since he got into Informatica64. He is a security pentester, a developer coding in projects like FOCA and a very good security research in areas such as Connection String Parameter Pollution Attacks or malware. He has the honor of being the man behind some of the most powerful "C# spaghetti lines" of FOCA.
  • Chema Alonso - Security Researcher, Informatica64
    Chema Alonso is a Security researcher with Informatica64, a Madrid-based security firm. Chema holds respective Computer Science and System Engineering degrees from Rey Juan Carlos University and Universidad Politècnica de Madrid. During his more than eight years as a security professional, he has consistently been recognized as a Microsoft Most Valuable Professional (MVP). Chema is a frequent speaker at industry events (Microsoft Technet / Security Tour, AseguraIT) and has been invited to present at information security conferences worldwide including Yahoo! Security Week, Black Hat Briefings, ShmooCON, DeepSec, HackCON, Ekoparty and RootedCon - He is a frequent contributor on several technical magazines in Spain, where he is involved with state-of-the-art attack and defense mechanisms, web security, general ethical hacking techniques and FOCA. Twitter: @chemaalonso http://www.elladodelmal.com www.informatica64.com

Links:

Similar Presentations: