From the Keyboards, Through the Walls, Got Implant Shells for Y’all

Presented at ShmooCon 2023, Jan. 21, 2023, 4:30 p.m. (30 minutes).

With the maturity of endpoint protection, machine learning, and attack detection, it’s getting harder out there for an honest red teamer. Instead of trying to own the machine, what if we could own the keyboard and control it remotely? What if it was a thousand keyboards instead? What if you could launch a reverse shell on each of those without fear of having to use your existing target infrastructure? The hacks are endless!

This type of thinking is exactly what led us to stop dreaming about that scenario, and build it ourselves! Our project, Injectyll-HIDe, brings all of these things and more (a lot more). Topics covered in this talk include the scaling of implants for enterprise takeover, creating and utilizing a custom C2 server, a persistent reverse shell over covert channels, and using an implant in red team ops.

Attendees will learn how to create and customize their own implant using our open-source plans, as well as how to implement its current functionality for immediate engagements. They will also leave with a new platform from which to innovate custom implants. Live demos will be used to show these new tactics against real-world infrastructure.

Audience participation is required!


Presenters:

  • Jonathan Fischer
    Jonathan Fischer (@c4m0ufl4g3) is a hardware, RF, and IoT security enthusiast who started off designing, programming, and implementing electronic controls for industrial control systems and off-highway machinery. After a decade in that industry, Jonathan obtained his BS in Computer Science and transitioned over to the cyber security industry, where he has been working as a Red Team consultant and researcher for more than five years at a Fortune 500 company. Since joining the cyber security industry, Jonathan has earned various industry certifications (OSCP, GPEN) and continues to leverage his unique experience in his research into hardware hacking.
