With the maturity of end point protection, machine learning, and attack detection, it’s getting harder out there for an honest red teamer. Instead of trying to own the machine, what if we could own the keyboard and control it remotely? What if it was a thousand keyboards instead? What if you could launch a reverse shell on each of those without fear of having to use your existing target infrastructure. The hacks are endless!
This type of thinking is exactly what led us to stop dreaming about that scenario, and build it ourselves! Our project, Injectyll-HIDe, brings all of these things and more (a lot more). Topics covered in this talk include the scaling of implants for enterprise takeover, creating and utilizing a custom C2 server, a persistent reverse shell over covert channels, and using an implant in red team ops.
Attendees will learn how to create and customize their own implant using our open-source plans, as well as how to implement its current functionality for immediate engagements. They will also leave with a new platform from which to innovate custom implants. Live demos will be used to show these new tactics against real world infrastructure.
Audience participation is required!