October 25-28, 2017!! We’re going to have so much fun! Hopefully you can join us!
Back To Schedule
Saturday, October 28 • 10:40 - 11:25
Authenticated Code Execution by Design

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The most effective way to gain and maintain access to computers on a network is by using passwords to login to existing administrative services. Logging into existing services has several clear advantages over exploitation. There is no unusual traffic on the network for those pesky IDS and next-gen firewalls to meddle with -- it looks just like normal user activity. With many administrative services, you get encryption for free as well, making it even harder for those network devices to cause you grief. There are often no new files on victim machines to draw the suspicions of nosy incident responders.

Despite these services holding the keys to the kingdom, or perhaps because they do, they are ubiquitous. Every single network of any size will have some or even many of them. As a penetration tester, you want to own these things. As an administrator, you want to lock them down and watch them like a hawk.

In this talk I will discuss some of my favorite Authenticated RCE by Design services and how to use them for nefarious purposes.

avatar for James Lee

James Lee

Black Hills Information Security
James Lee, better known as egypt is a vocal advocate for open source and strongly believes that open source security tools are vital to the future of the internet. Note that egypt is not Egypt. The two can be distinguished easily by their relative beards -- Egypt has millions... Read More →

Saturday October 28, 2017 10:40 - 11:25 MDT
Pine Crest A