Steal Everything; Kill Everyone; Profit!
j/k please don’t :3
Too Many Cooks; Exploiting the Internet of Tr-069
Ever wanted to scan the internet in a few hours?
The Eavesdropper’s Dillemma
Coding Malware for fun and no profit
Use google bots to perform SQL injections on websites
- Opens 1K+ IPs or Shodan search results and attempts to login
Door Control Systems: An Examination of Lines of Attack
Implanting a Dropcam
Achilles Heel of the American Banking System
Different Type of SCADA
Software Distribution Malware Infection Vector
Attacking multifunction printers and getting creds from them
- Proof of Concept of SSH Botnet C&C Using Python
Weapons of Mass Distraction
- In this talk, we aim to briefly cover the background of sock puppets (and related attacks) before moving on to real world demonstrations & “attacks“. Rigging polls, abusing Twitter, causing Reddit riots & targeting popular news organisations are some of the (many) attacks covered. In all these cases we discuss what we tried, what worked, what didn’t and what the implications are of the attacks. Where possible we will cover defences and solutions.
Adding your protocol to Masscan
You Can Type, but You Can’t Hide: A Stealthy GPU-based Keylogger
- Keyloggers are a prominent class of malware that harvests sensitive data by recording any typed in information. Key- logger implementations strive to hide their presence using rootkit-like techniques to evade detection by antivirus and other system protections. In this paper, we present a new approach for implementing a stealthy keylogger: we explore the possibility of leveraging the graphics card as an alterna- tive environment for hosting the operation of a keylogger. The key idea behind our approach is to monitor the system’s keyboard buffer directly from the GPU via DMA, without any hooks or modifications in the kernel’s code and data structures besides the page table. The evaluation of our pro- totype implementation shows that a GPU-based keylogger can effectively record all user keystrokes, store them in the memory space of the GPU, and even analyze the recorded data in-place, with negligible runtime overhead.