All the network is a stage, and the APKs merely players: Scripting Android Applications

Presented at AppSec USA 2013, Nov. 20, 2013, noon (50 minutes)

Video of session: https://www.youtube.com/watch?v=yh4-F90XONI&list=PLpr-xdpM8wG8ODR2zWs06JkMmlRiLyBXU&index=7

The existence of open, well-defined APIs for many popular websites has been a boon to spammers, but as these sites have grown in popularity, their operators have begun to care more about the integrity of the network. Third-party access to these APIs is becoming increasingly restricted, while at the same time the desire for a frictionless mobile experience has led to much looser restrictions in the operators' own applications. We'll leverage this, along with the ability to load and execute Android APKs within JRuby sessions, to create and control a social botnet.

We'll begin with a brief overview of tools for disassembling, understanding, modifying, and rebuilding APKs. We will then move on to scripting portions of the application in a JRuby session, along the way covering key recovery, bypassing custom cryptographic routines, and general exploration of the code in a dynamic environment. We'll conclude by leveraging what we've discovered to create and control thousands of accounts. Building on available information sources, such as the US census, and streams provided by the targeted network itself, these accounts will have realistic characteristics and interact with the network in believable ways.

Presenters:

  • Daniel Peck - Principal Research Scientist - Barracuda Networks
    Peck is a principal research scientist at Barracuda Networks, where he is currently focused on studying uses of social networks as a medium for attacks. Previous research includes comparing content-based and non-content-based systems to identify malicious accounts on Twitter/Facebook, exploiting programmable logic controllers, and identifying/classifying malicious JavaScript. Peck has a Bachelor of Science in Computer Science from the Georgia Institute of Technology.
