Authenticated Code Execution by Design

Presented at Wild West Hackin' Fest 2017, Oct. 28, 2017, 10:40 a.m. (45 minutes)

The most effective way to gain and maintain access to computers on a network is by using passwords to log in to existing administrative services. Logging into existing services has several clear advantages over exploitation. There is no unusual traffic on the network for those pesky IDS and next-gen firewalls to meddle with -- it looks just like normal user activity. With many administrative services, you get encryption for free as well, making it even harder for those network devices to cause you grief. There are often no new files on victim machines to draw the suspicions of nosy incident responders. Despite these services holding the keys to the kingdom, or perhaps because they do, they are ubiquitous. Every single network of any size will have some or even many of them. As a penetration tester, you want to own these things. As an administrator, you want to lock them down and watch them like a hawk. In this talk I will discuss some of my favorite Authenticated RCE by Design services and how to use them for nefarious purposes.

Presenters:

  • James Lee / Egyp7 - Black Hills Information Security
    James Lee, better known as egypt, is a vocal advocate for open source and strongly believes that open source security tools are vital to the future of the internet. Note that egypt is not Egypt. The two can be distinguished easily by their relative beards -- Egypt has millions, while egypt only has the one.
