Getting the data out using social media

Presented at BSidesLV 2015, Aug. 4, 2015, noon (25 minutes).

You've made it into the network - but can you get data out? Today's Internet provides a dazzling array of legitimate upload sites to hide your traffic in - Twitter, Flickr, SoundCloud, YouTube, Dropbox, and more - but each channel requires a different tool or custom code, and endless troubleshooting. Sneaky-creeper is a new open source framework for exfiltrating (or infiltrating) data using any of the backchannels the Internet provides, with a minimum of effort. Modules are easy to create and share, enabling covert communications over more channels than ever before.


Presenters:

  • Dakota Nelson - Intern - Black Hills Information Security
    Dakota is an engineering student at Olin College in Boston, and an intern at Black Hills Information Security. He has previously developed software for DoD, DOE, and DARPA, and is heavily involved in the Boston startup community, including as a Student Fellow at .406 Ventures, a security-heavy venture capital firm in Boston. He has a diverse software development background, but has mostly focused on creating novel web applications while at BHIS. He published a paper on NFC security during his senior year of high school, and has driven hundreds of miles to attend DEFCON each year since age 17. You can find more at his website, http://dakotanelson.com.
  • Gabriel Butterick
    Gabriel grew up in Tampa, Florida. He attended the University of Florida for two semesters taking a variety of courses on software, writing, and biology. After, he transferred to Franklin W. Olin College of Engineering where he has completed 2 semesters with his focus being in software design.
  • Byron Wasti
    Byron Wasti is studying electrical and computer engineering at the Olin College of Engineering in Boston. He has a background in both programming and electronics. Byron is also a strong supporter of the Open Source community.

Links: