Building a Svartkast: Cheap hardware to leave behind on someone else’s network

Presented at DerbyCon 1.0 (2011), Oct. 1, 2011, 7 p.m. (50 minutes)

It’s useful to control a host on a remote network, but you don’t necessarily have to pwn a box that is already there. You can also leave behind a host you can remote into, or since egress filtering rules are often less restrictive than ingress, have it shovel a shell back to you. This sort of host is often called a Kamikaze box, Svartkast, BlackThrow or Dropbox. You can even make it part of cipherspace (I2P or Tor) to make it less apparent who is controlling the box. This talk with describe how to construct such a box using inexpensive hardware.


Presenters:

  • Adrian Crenshaw / Irongeek as Adrian Crenshaw
    Adrian Crenshaw has worked in the IT industry for the last twelve years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4, CNE, A+, Network+. i-Net+) but stopped once he had to start paying for the tests himself. He’s currently working on a Masters in Security Informatics, and is interested in obtaining a network security/research/teaching job in academia. Adrian is one of the founders of DerbyCon, a hacker con located in Louisville, Kentucky.