[Episode references] - Operation (Đường chín đoạn) typhoon: 觊觎南海九段线的赛博海莲 (cyber OceanLotus coveting the South China Sea nine-dash line) - https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ - Typhon Reborn With New Capabilities - https://unit42.paloaltonetworks.com/typhon-reborn-stealer/ - BumbleBee Zeros in on Meterpreter - https://thedfirreport.com/2022/11/14/bumblebee-zeros-in-on-meterpreter/ - DTrack activity targeting Europe and Latin America - https://securelist.com/dtrack-targeting-europe-latin-america/107798/ [Credits] Presented by: Carlos Cabral. Script: Carlos Cabral and Daniel Venzi. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia. Graphic design: Julian Prieto.
OJ Reeves (TheColonial) is an Australian security professional who specializes in attack simulation. When not breaking networks and software, he has for years been an active contributor to the Metasploit Framework, working on Meterpreter. He is also a member of the Corelan team. Today OJ runs a specialist security consultancy called Beyond Binary, based in Australia.
There are a ton of modules in Metasploit that are extremely useful for performing various post-exploitation tasks. But sometimes there are external tools you might want to use that are not included in Metasploit. It is possible to proxy other external tools through a Meterpreter session using a Metasploit module together with proxychains. In this episode Derek Banks (@0xderuke) and Beau Bullock (@dafthack) talk about how to pivot external tools through Meterpreter sessions and demo how to dump Kerberos tickets using this method. LINKS: BHIS Toast to Kerberoast Blog - https://www.blackhillsinfosec.com/a-toast-to-kerberoast/
It is common for organizations to proxy web traffic so they can place restrictions on which websites employees can visit. To make allowing or denying access to a large number of sites easier to manage, many web proxies use categorization engines to group sites by subject, and uncategorized sites are generally blocked. In this episode I show how easy it is to locate recently expired domains that have already been categorized and can be used to get past web proxy filters. Additionally, I show how easy it is to set up a trusted certificate on the payload handler to encrypt the session using a custom cert. Links: DomainHunter - https://github.com/minisllc/domainhunter Brian Fehrman Blog Post - http://www.blackhillsinfosec.com/?p=5831
Multi-Tool Multi-User HTTP Proxy (with Russel Van Tuyl) IF IT’S A PROTOCOL, YOU CAN PLAY WITH IT ADVANCED PERSISTENT SECURITY PODCAST EPISODE 26 GUEST: Russel Van Tuyl NOVEMBER 21, 2016 If you ...
Slides Here: https://www.defcon.org/images/defcon-22/dc-22-presentations/Nemus/DEFCON-22-Lance-Buttars-Nemus-Intro-to-backdooring-OS.pdf An Introduction to Back Dooring Operating Systems for Fun and Trolling Nemus SECURITY RESEARCHER So you want to set up a back door? Have you ever wondered how it's done and what you can do to detect back doors on your network and operating systems? Ever wanted to set up a back door to prank a friend? This presentation will do just that. We will go over the basics of back doors using SSH, Netcat, Meterpreter and embedding back doors into custom binaries, along with the logistics of accessing them after they are in place. Nemus is a security enthusiast at night and spends his days working in the payment card industry developing RESTful APIs for bill pay using cash payments. Lance works with open source systems, and enjoys setting up and hardening Linux systems. He has over 11 years of experience working in information technology, focusing on system administration and software development, and has begun to focus his career on information security. He developed a love for security at Salt Lake Community College after being immersed in it by his professors. Nemus helped found the Defcon 801 hackerspace and currently sits on the board of directors of 801 Labs, the corporation that runs the DC801 hackerspace located in downtown Salt Lake City. Twitter: @Lost_Nemus
Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Balazs/DEFCON-22-Zoltan-Balazs-Bypass-firewalls-application-whitelists-in-20-seconds-UPDATED.pdf Bypass firewalls, application white lists, secure remote desktops under 20 seconds Zoltán Balázs CHIEF TECHNOLOGY OFFICER AT MRG EFFITAS In theory, post-exploitation after having remote access is easy. Also in theory, there is no difference between theory and practice. In practice, there is. Imagine a scenario where you have deployed malware on a user's workstation, but the target information is on a secure server accessed via two-factor authentication, with screen access only (e.g. RDP, Citrix, etc.). On top of that, the server runs application white-listing, and only the inbound port to the screen server (e.g. 3389) is allowed through the hardware firewall. But you also need persistent interactive C&C communication (e.g. Netcat, Meterpreter, RAT) to this server through the user's workstation. I developed (and will publish) two tools that help in these situations. The first tool can drop malware to the server through the screen while the user is logged in. The second tool can help circumvent the hardware firewall once code can be executed on the server with admin privileges (using a signed kernel driver). My tools are generic, meaning that they work against Windows Server 2012 and Windows 8, and they work with RDP or other remote desktops. The number of problems you can solve with them is endless, e.g. communicating with a bind shell on a web server behind a restricted DMZ. Beware, live demo and fun included! Zoltan (@zh4ck) is the Chief Technology Officer at MRG Effitas, a company focusing on AV testing. Before MRG Effitas, he worked for 5 years in the financial industry as an IT security expert, and for 2 years as a senior IT security consultant at one of the Big Four companies. His main areas of expertise are penetration testing, malware analysis, computer forensics and security monitoring.
He released the Zombie browser tool, consisting of proof-of-concept malicious browser extensions for Firefox, Chrome and Safari. He has been invited to present at information security conferences worldwide, including Hacker Halted USA, OHM, Hacktivity, Ethical Hacking and Defcamp. He is a proud member of the gula.sh team, 2nd runner-up at the global Cyberlympics 2012 hacking competition.
A tutorial on winenum, a Metasploit Meterpreter script by "Dark0perator" that performs post-exploitation information gathering. A video tutorial can be viewed below: Windows Enumeration Script for Meterpreter from PaulDotCom on Vimeo. Hosts: Larry Pesce, Paul Asadoorian, John Strand, Mick Douglas, & Carlos Perez
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
When we built Metasploit, our focus was on the exploit development process. We tried to design a system that helped create reliable and robust exploits. While this is obviously very important, it's only the first step in the process. What do you do once you own EIP? Our presentation will concentrate on the recent advancements in shellcode, IDS/firewall evasion, and post-exploitation systems. We will discuss the design and implementation of the technologies that enable complex payloads, such as VNC injection, and the suite of tools we've built upon them. We will then present a glimpse of the next generation of Metasploit, and how these new advances will serve as its backbone. Spoonm Since late 2003, spoonm has been one of the core developers behind the Metasploit Project. He is responsible for much of the architecture in version 2.0, as well as other components including encoders, NOP generators, and a polymorphic shellcode engine. A full-time student at a northern university, spoonm spends too much of his free time on security research projects. Skape Skape is a lead software developer by day and an independent security researcher by night. He joined forces with the Metasploit project in 2004, where his many contributions have included the Meterpreter, VNC injection, and many other payload advances. Skape has worked on a number of open-source projects and has authored several papers on security-related technologies. His current security-related interests include post-exploitation technologies, payload development and optimization, and exploitation prevention technology.
Black Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conference