McAfee Secure and Trustmarks - A Hacker's Best Friend

Presented at ToorCon San Diego 14 (2012), Oct. 21, 2012, 3 p.m. (20 minutes).

McAfee Secure (née ScanAlert) and other "trust mark" vendors offer site security "certification" tools designed to assist e-commerce websites in creating a sense of consumer confidence in the security of the website they are visiting. Unfortunately, McAfee Secure (and every other security seal vendor) suffers from the same critical issues, which allow attackers to use these tools as a one-stop shop for network reconnaissance and turn them from a defensive tool into the ultimate attack tool.

In this presentation we will illustrate the ease with which an attacker can enumerate all the sites protected by the various services, using simple SEO crawls and OCR to defeat graphic-based providers, and use the collected information to reveal vulnerable sites without sending a single packet to the sites themselves. During the presentation we will demonstrate Oizys, a seal harvesting tool, which automates the process and essentially turns HackerSafe and Trust Guard into a near-real-time alerting tool for hackers.


Presenters:

  • Jay James
    Jay James is a principal partner at Tactical Intelligence Inc, and is a recovering system administrator and an outspoken critic of the IT audit and compliance procedure. His presentations last year at BSidesLV and ToorCon resulted in an unceremonious firing from LPL Financial because of the subversive subject matter (how IT audit sucks). His likes include women, whisky, guns, and whisky-drinking women with guns.
  • Shane MacDougall
    Shane MacDougall is a principal partner at Tactical Intelligence Inc, and has been active in the computer security industry since 1989. He was an associate editor of PenTest Magazine, and has presented at BlackHat EU, BSidesLV, ToorCon, and DerbyCon. He holds two Defcon Black Badges for winning the Defcon 19 and 20 Social Engineering CTF competitions.
