Use and abuse of SSH AuthorizedKeysCommand and SSH Certificates

Presented at NolaCon 2022, May 22, 2022, 11 a.m. (Unknown duration).

<p>This talk will discuss the recent rise of SSH Certificates and SSH AuthorizedKeyCommands as alternative Identity and Access Management solutions. This talk will show how they can be used defensively as well as an innovative backdoor.</p> <p>This talk will cover setup, program suites that utilize certificates, how to set them up yourself, and how to backdoor systems.</p>

Presenters:

  • Dustin Heywood / EvilMog as Evil_Mog (Dustin Heywood)
    <p>EvilMog is the Chief Architect for X-Force and Senior Technical Staff Member, Bishop of the Church of Wifi, and member of team Hashcat. He is on the SECCDC Red Team, and has been known to collect conference black badges. </p>

Links:

Similar Presentations: