[ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1

Presented at DEF CON 27 (2019), Aug. 11, 2019, 1 p.m. (45 minutes)

Your browser thinks my 192.168.1.1 is the same as your 192.168.1.1. Using a novel combination of redirects, Karma, JavaScript and caching we demonstrate that it's viable to attack internal management interfaces without ever connecting to your network. Using the MICASA-SUCASA tool it's possible to automate the exploitation of hundreds of interfaces at once. This presentation will introduce the attack vector and demonstration, but also the public release of the MICASA-SUCASA tool.

Presenters:

• Elliott Thompson - Senior Security Consultant, SureCloud Ltd
  The alphabet soup: OSCP, CTL/CCT-APP Senior pentester and researcher for the last 3 years, with hundreds of successful engagements behind me. Passionate about security and involved in various article pieces for infosec magazine, the BBC and the UK consumer watchdog Which?. Last year I discovered and disclosed an exploit on some Android tablets that allowed RCE through the tag. [ CVE-2018-16618 ]

Links:

• https://defcon.org/html/defcon-27/dc-27-speakers.html#Thompson
• https://infocon.org/cons/DEF CON/DEF CON 27/DEF CON 27 video and slides/DEF CON 27 - Elliott Thompson - MI CASA-SU CASA My 19216811 is Your 19216811.mp4
• https://infocon.org/cons/DEF CON/DEF CON 27/DEF CON 27 video and slides/DEF CON 27 - Elliott Thompson - MI CASA-SU CASA My 19216811 is Your 19216811.srt (subtitles)
• https://www.youtube.com/watch?v=JGezOYIfOWQ

Similar Presentations:

• DEF CON 15 (2007) / CaffeineMonkey: Automated Collection, Detection and Analysis of Malicious JavaScript