DerbyCon is right around the corner (Sept. 23 - 25)

September 22, 2015, Mike Weber, Vice President, Coalfire Labs

DerbyCon is right around the corner (Sept. 23 - 25) and we wanted to highlight two sessions that Coalfire Labs team members will be presenting.

First, as you may have read in Forbes (link: http://www.forbes.com/sites/thomasbrewster/2015/09/15/diy-stingray-jeep/) the other day, Drew Redshift Porter will be giving a talk on “How to Build Your Own Covert SIGINT Vehicle”. This talk will cover how to build your own covert SIGINT (Signals Intelligence) vehicle, some important tips and tricks when trying to build one, an alpha release of Redz SIGINT software, and some of the interesting signals captured from the road with the SIGINT Jeep.

Not convinced that building out a car with this capability would cost "hundreds of thousands of dollars", Drew set out to prove that one can put this system together with some commonly available hardware and software and seek out signals from radio network communications while driving around, from a FitBit to complex critical infrastructure radio network communications. With all this information literally being passed through you, why not have a little fun with it? And even better, why not do it from the comfort of your air-conditioned car? The SIGINT Jeep is the byproduct of this exact thought and of the fact that, more than ever, “We could all be Big Brother if we wanted.”

Drew's presentation will be in Track 2 on Saturday September 26th, 5:00 - 5:50.

Second, Nicholas Berhaume will walk us through how to leverage the Microsoft Diagnostics Toolkit to do more than just provide an interface to report issues back to Microsoft about their software products. The freely available Microsoft SDK for generating diagnostic cabinet files has been used by a small set of vendors and administrators to resolve issues in the past, but this talk will demonstrate, and provide, the ability for penetration testers to author payloads for use in system compromise, persistence and other attack vectors.

The diagnostic toolkit makes for an excellent facility to be used along with phishing attacks, because diagnostic cabinet files can employ native PowerShell as well as DLLs and other content within them. As part of the presentation there will be an examination of how these can be created to gain not only shell access to a system, but also persistence and privilege escalation without any special considerations on the client side. The tool suite that will be released alongside the talk provides facilities for creating these from *nix-based platforms, without the need for any Microsoft software until they are directed at a target, and will facilitate the incorporation of several common PowerShell payloads which give its user functions for reconnaissance, code injection, payload encryption and persistence hooks. Penetration testers who need to test environments without relying upon vulnerabilities that are readily mitigated as part of patch cycles, and who need the flexibility to work on a large percentage of the platforms encountered during assessments that vary widely in their attack methodology, will benefit from this presentation.

Nicholas' presentation will be in Track 3 on Saturday September 26th, 5:00 - 5:50.

To engage with Coalfire Labs to perform testing or discuss security, please contact us.
