Practical Exploitation: Introduction to Metasploit, Social Engineering and a few other tools
Speakers BSc, MSc, CEH, CHFI, thought I was going to be a PhD, decided to become a ninja instead. BSc, MSc - Now works for ABBAN. Breaking servers, SIP trunks, and doing research into VoIP and IMS
Synopsis – wrong order, all content
Introduction to practical exploitation
Introduction to cyberstalking
Introduction to Metasploit (short)
History of Metasploit
Modules
Exploits
Payloads
Tools
Metasploit fundamentals
Vulnerability Scanning
MSF Databases commands
Client side exploits
Post Exploitation
Meterpreter
Armitage
Social Engineering
SET
Types of attacks
Infection Media
Practical workshop
PS: I know you have high hopes that it will go by this order, but it won't, we are not that organized, and apologize in advance.
Workshop During the practical workshop, you will work in pairs, and you will be given an IP address to a virtual machine. The objective of this workshop is very simple: PWN the living crap out of these virtual machines using techniques that were taught to you during this presentation, read the file password.txt located at Windows/System32 or /home/just4meeting (depending on whether you get a Windows box or a Linux box), and successfully create your own account on the remote system.
Seriouz Business When presenting, we like to talk about both the fun side of things and the bit about the serious implications these “fun things” can have in life. During this presentation you will hear a bit about cyberstalking and how these tools work from both a cyberstalker's and a victim's perspective. To write this part of the presentation we worked alongside the brand new UK National Center for Cyberstalking Research; they are cool people and provided us with lots of data and information. http://www.beds.ac.uk/nccr/news
Practical exploitation Q: What do we call practical exploitation? On the interwebz you can find many definitions created by “security professionals”, we are not (security professionals), so here is our definition of practical exploitation: Get root and learn how to use current tools to automate and increase the speed when doing a penetration test. Understand how to use the tools past a script kiddie level – aka being able to extend the tool code if needed or combine multiple tools to achieve a target (!!root!!)
Cyberstalking Q: What is CYBERSTALKING? A: Cyberstalking is the use of the internet and/or other electronic means to stalk or harass an individual. However, cyberstalking can be legal and illegal. (To be explained further)
Cyberstalking Q: Who practices cyberstalking? You Me
Cyberstalking “I’VE NEVER CYBERSTALKED!!!!one!!!eleven!!”
Cyberstalking Remember when 2 slides back we said cyberstalking could be both legal and illegal? This is what we meant... Let's go through a scenario where cyberstalking would be legal!
Cyberstalking Meet Tiago: As you can see, Tiago is ur average 23 year old stud, he likes to go out and party, when he does so he meetssssssssssssss
Cyberstalking GIRLS! However....
Cyberstalking Tiago has certain things he likes in girls and things he dislikes! Tiago, like more than 500 million people, has a Facebook account. So Tiago goes and does a bit of cyberstalking to decide which girls he wants to be friends with or not. Or even possible future girlfriends.
Cyberstalking Even without adding these girls on Facebook, he sometimes gets plenty of information to decide if he wants to go further with them.
Cyberstalking So, as you can see this is an example of a situation where cyberstalking is perfectly acceptable and legal. You access public information about someone that is in the “cyber” world. This is also an action done sometimes by companies that are considering hiring a certain person, to get some background information on the person.
Cyberstalking HOWEVER
Cyberstalking – Scenario 2 Tiago also knows his way around computers and specifically security and the tools used in infosec. He also knows how to check securitytube and common security websites for different types of attacks. BLACKHAT ON!
Cyberstalking – Scenario 2 Analyzing the profiles Tiago decides he wants to go further and know a bit too much about one of these girls.
Profiling Tiago starts by getting all sorts of information he can on this girl that might be useful in any way:
From the Facebook profile we get that:
Her name is Anna Konova
She is both a Chelsea and Barça fan
She likes Burberry, fashion events, Domino's pizza, and something called SIFE
Her favorite music: MJ, Lady Gaga, Beyoncé, Alicia Keys, Cheryl Cole
Using the information collected from this Facebook profile we go to Google...
Profiling <<- OH LOOK THE SIFE THING Quite a few results, let's have a look at a few....
Profiling
From the Facebook profile we get that:
Her name is Anna Konova
She is both a Chelsea and Barça fan
She likes Burberry, fashion events, Domino's pizza, and something called SIFE
Her favorite music: MJ, Lady Gaga, Beyoncé, Alicia Keys, Cheryl Cole
From Twitter we get 0
From LinkedIn:
Project manager at Innovate
Went to University of Bedfordshire
Is looking for new career opportunities etc etc etc
SIFE - SIFE is an international non-profit organization that works with leaders in business and higher education to mobilize university students to make a difference in their communities while developing the skills to become socially responsible business leaders.
Going over the line How can all this simple, easily accessible information help Tiago cyberstalk someone? Well, let me introduce you to METASPLOIT.
DEMO 1 – PDF + Email DEMO
DEMO 1 – PDF + Email As you can see, it wasn’t a hard attack to set up, and it could easily be a real-life scenario. For those of you that find that attack complicated, we have something for you later on....
A bit more on cyberstalking.... Next we will present some data that was provided to us by the Research Center! coz stats are always fun n giggles!
Stats Harasser – Environment where they are first met
Stats Harasser – Description
Stats Fears experienced by those who are harassed
Stats Consequences on those being harassed
Types of attacks
Posting false profiles
Posing as the victim and attacking others
Discrediting in online communities
Discrediting victim in workplace
Direct threats through email/instant messaging
Constructing websites targeting the victim
Transferring attack to victim’s relatives
Use of the victim’s image
Provoking others to attack the victim
Following the victim in cyberspace
Metasploit
Exploitation framework
Lots of other tools and utilities
First written in PERL
Then changed to RUBY (THANK GOD)
3 versions – Pro, Express, free
Metasploit nowadays... We won't be able to look at all the different components, so we will try to focus on the more commonly used ones.
Metasploit - Starting
Metasploit - Interaction There are many ways a user can access Metasploit features:
msfGUI
msfWEB
Armitage
Metasploit - MSFGui
Metasploit - MSFWeb
Metasploit - Armitage
Metasploit – Main Modules
Exploits – Main module – used to pwn shit! :]
Encoders – Used to transform raw versions of payloads
Payload – Used to connect to the shit u pwn!
Metasploit – Quick Intro
Step 1 – Open msfconsole
Step 2 – Choose exploit
Step 3 – Configure exploit and payload
Step 4 – exploit!
Metasploit – Intro DEMO DEMO 0

Weitere ähnliche Inhalte

Was ist angesagt?

Web bugs prez
Web bugs prezWeb bugs prez
Web bugs prezGroupM
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
Bug Bounty - Play For Money
Bug Bounty - Play For MoneyBug Bounty - Play For Money
Bug Bounty - Play For MoneyShubham Gupta
 
Security for javascript
Security for javascriptSecurity for javascript
Security for javascriptHữu Đại
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureNETWAYS
 
Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptxPeter Yaworski
 
Hackers The Anarchists Of Our Time
Hackers The Anarchists Of Our TimeHackers The Anarchists Of Our Time
Hackers The Anarchists Of Our TimeUtkarsh Sengar
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016Frans Rosén
 

Was ist angesagt? (8)

Web bugs prez
Web bugs prezWeb bugs prez
Web bugs prez
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
 
Bug Bounty - Play For Money
Bug Bounty - Play For MoneyBug Bounty - Play For Money
Bug Bounty - Play For Money
 
Security for javascript
Security for javascriptSecurity for javascript
Security for javascript
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
 
Hackfest presentation.pptx
Hackfest presentation.pptxHackfest presentation.pptx
Hackfest presentation.pptx
 
Hackers The Anarchists Of Our Time
Hackers The Anarchists Of Our TimeHackers The Anarchists Of Our Time
Hackers The Anarchists Of Our Time
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
 

Andere mochten auch

Secure coding - Balgan - Tiago Henriques
Secure coding - Balgan - Tiago HenriquesSecure coding - Balgan - Tiago Henriques
Secure coding - Balgan - Tiago HenriquesTiago Henriques
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploitTiago Henriques
 
Confraria 28-feb-2013 mesa redonda
Confraria 28-feb-2013 mesa redondaConfraria 28-feb-2013 mesa redonda
Confraria 28-feb-2013 mesa redondaTiago Henriques
 
Country domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocCountry domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocTiago Henriques
 
How to dominate a country
How to dominate a countryHow to dominate a country
How to dominate a countryTiago Henriques
 

Andere mochten auch (7)

Secure coding - Balgan - Tiago Henriques
Secure coding - Balgan - Tiago HenriquesSecure coding - Balgan - Tiago Henriques
Secure coding - Balgan - Tiago Henriques
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploit
 
Enei
EneiEnei
Enei
 
Talkj4mshare
Talkj4mshareTalkj4mshare
Talkj4mshare
 
Confraria 28-feb-2013 mesa redonda
Confraria 28-feb-2013 mesa redondaConfraria 28-feb-2013 mesa redonda
Confraria 28-feb-2013 mesa redonda
 
Country domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocCountry domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havoc
 
How to dominate a country
How to dominate a countryHow to dominate a country
How to dominate a country
 

Ähnlich wie Practical exploitation and social engineering

Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Empowerment Technologies - Module 2
Empowerment Technologies - Module 2Empowerment Technologies - Module 2
Empowerment Technologies - Module 2Jesus Rances
 
About the author - cover letter
About the author - cover letterAbout the author - cover letter
About the author - cover letterKenneth Kempf
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant abnmi
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecYashSomalkar
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)Avansa Mid- en Zuidwest
 
Cyber Security Workshop Presentation.pptx
Cyber Security Workshop Presentation.pptxCyber Security Workshop Presentation.pptx
Cyber Security Workshop Presentation.pptxYashSomalkar
 
Secure encryption in a wiretapped future
Secure encryption in a wiretapped futureSecure encryption in a wiretapped future
Secure encryption in a wiretapped futureMichael Renner
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdf
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdfLinux_Basics_for_Hackers_OccupyTheWeb_Complex.pdf
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdfxererenhosdominaram
 
Things that go bump on the web - Web Application Security
Things that go bump on the web - Web Application SecurityThings that go bump on the web - Web Application Security
Things that go bump on the web - Web Application SecurityChristian Heilmann
 
New text document
New text documentNew text document
New text documentsleucwnq
 
New text document
New text documentNew text document
New text documentsleucwnq
 
Beginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfBeginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfIndianArmy38
 
Beginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfBeginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfIndianArmy38
 
Hushcon 2016 Keynote: Test for Echo
Hushcon 2016 Keynote: Test for EchoHushcon 2016 Keynote: Test for Echo
Hushcon 2016 Keynote: Test for EchoDeja vu Security
 
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecurityMichael Rushanan
 

Ähnlich wie Practical exploitation and social engineering (20)

Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for Activists
 
Get started with hacking
Get started with hackingGet started with hacking
Get started with hacking
 
Empowerment Technologies - Module 2
Empowerment Technologies - Module 2Empowerment Technologies - Module 2
Empowerment Technologies - Module 2
 
About the author - cover letter
About the author - cover letterAbout the author - cover letter
About the author - cover letter
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSec
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchers
 
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
 
Cyber Security Workshop Presentation.pptx
Cyber Security Workshop Presentation.pptxCyber Security Workshop Presentation.pptx
Cyber Security Workshop Presentation.pptx
 
Secure encryption in a wiretapped future
Secure encryption in a wiretapped futureSecure encryption in a wiretapped future
Secure encryption in a wiretapped future
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdf
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdfLinux_Basics_for_Hackers_OccupyTheWeb_Complex.pdf
Linux_Basics_for_Hackers_OccupyTheWeb_Complex.pdf
 
Things that go bump on the web - Web Application Security
Things that go bump on the web - Web Application SecurityThings that go bump on the web - Web Application Security
Things that go bump on the web - Web Application Security
 
New text document
New text documentNew text document
New text document
 
New text document
New text documentNew text document
New text document
 
Beginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfBeginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdf
 
Beginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdfBeginning Ethical Hacking with Python.pdf
Beginning Ethical Hacking with Python.pdf
 
Backtrack Manual Part9
Backtrack Manual Part9Backtrack Manual Part9
Backtrack Manual Part9
 
Hushcon 2016 Keynote: Test for Echo
Hushcon 2016 Keynote: Test for EchoHushcon 2016 Keynote: Test for Echo
Hushcon 2016 Keynote: Test for Echo
 
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on CybersecuritySpecial Topics Day for Engineering Innovation Lecture on Cybersecurity
Special Topics Day for Engineering Innovation Lecture on Cybersecurity
 

Mehr von Tiago Henriques

BSides Lisbon 2023 - AI in Cybersecurity.pdf
BSides Lisbon 2023 - AI in Cybersecurity.pdfBSides Lisbon 2023 - AI in Cybersecurity.pdf
BSides Lisbon 2023 - AI in Cybersecurity.pdfTiago Henriques
 
Pixels Camp 2017 - Stories from the trenches of building a data architecture
Pixels Camp 2017 - Stories from the trenches of building a data architecturePixels Camp 2017 - Stories from the trenches of building a data architecture
Pixels Camp 2017 - Stories from the trenches of building a data architectureTiago Henriques
 
Pixels Camp 2017 - Stranger Things the internet version
Pixels Camp 2017 - Stranger Things the internet versionPixels Camp 2017 - Stranger Things the internet version
Pixels Camp 2017 - Stranger Things the internet versionTiago Henriques
 
The state of cybersecurity in Switzerland - FinTechDay 2017
The state of cybersecurity in Switzerland - FinTechDay 2017The state of cybersecurity in Switzerland - FinTechDay 2017
The state of cybersecurity in Switzerland - FinTechDay 2017Tiago Henriques
 
Webzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in SwitzerlandWebzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in SwitzerlandTiago Henriques
 
BSides Lisbon - Data science, machine learning and cybersecurity
BSides Lisbon - Data science, machine learning and cybersecurity BSides Lisbon - Data science, machine learning and cybersecurity
BSides Lisbon - Data science, machine learning and cybersecurity Tiago Henriques
 
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...Tiago Henriques
 
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015Tiago Henriques
 
Codebits 2014 - Secure Coding - Gamification and automation for the win
Codebits 2014 - Secure Coding - Gamification and automation for the winCodebits 2014 - Secure Coding - Gamification and automation for the win
Codebits 2014 - Secure Coding - Gamification and automation for the winTiago Henriques
 
Presentation Brucon - Anubisnetworks and PTCoresec
Presentation Brucon - Anubisnetworks and PTCoresecPresentation Brucon - Anubisnetworks and PTCoresec
Presentation Brucon - Anubisnetworks and PTCoresecTiago Henriques
 
(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using sshTiago Henriques
 

Mehr von Tiago Henriques (16)

BSides Lisbon 2023 - AI in Cybersecurity.pdf
BSides Lisbon 2023 - AI in Cybersecurity.pdfBSides Lisbon 2023 - AI in Cybersecurity.pdf
BSides Lisbon 2023 - AI in Cybersecurity.pdf
 
Pixels Camp 2017 - Stories from the trenches of building a data architecture
Pixels Camp 2017 - Stories from the trenches of building a data architecturePixels Camp 2017 - Stories from the trenches of building a data architecture
Pixels Camp 2017 - Stories from the trenches of building a data architecture
 
Pixels Camp 2017 - Stranger Things the internet version
Pixels Camp 2017 - Stranger Things the internet versionPixels Camp 2017 - Stranger Things the internet version
Pixels Camp 2017 - Stranger Things the internet version
 
The state of cybersecurity in Switzerland - FinTechDay 2017
The state of cybersecurity in Switzerland - FinTechDay 2017The state of cybersecurity in Switzerland - FinTechDay 2017
The state of cybersecurity in Switzerland - FinTechDay 2017
 
Webzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in SwitzerlandWebzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in Switzerland
 
BSides Lisbon - Data science, machine learning and cybersecurity
BSides Lisbon - Data science, machine learning and cybersecurity BSides Lisbon - Data science, machine learning and cybersecurity
BSides Lisbon - Data science, machine learning and cybersecurity
 
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...
I FOR ONE WELCOME OUR NEW CYBER OVERLORDS! AN INTRODUCTION TO THE USE OF MACH...
 
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015
BinaryEdge - Security Data Metrics and Measurements at Scale - BSidesLisbon 2015
 
Codebits 2014 - Secure Coding - Gamification and automation for the win
Codebits 2014 - Secure Coding - Gamification and automation for the winCodebits 2014 - Secure Coding - Gamification and automation for the win
Codebits 2014 - Secure Coding - Gamification and automation for the win
 
Presentation Brucon - Anubisnetworks and PTCoresec
Presentation Brucon - Anubisnetworks and PTCoresecPresentation Brucon - Anubisnetworks and PTCoresec
Presentation Brucon - Anubisnetworks and PTCoresec
 
Hardware hacking 101
Hardware hacking 101Hardware hacking 101
Hardware hacking 101
 
Workshop
WorkshopWorkshop
Workshop
 
Preso fcul
Preso fculPreso fcul
Preso fcul
 
(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh(Mis)trusting and (ab)using ssh
(Mis)trusting and (ab)using ssh
 
Booklet
BookletBooklet
Booklet
 
Codebits 2010
Codebits 2010Codebits 2010
Codebits 2010
 

Kürzlich hochgeladen

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Practical exploitation and social engineering

  • 1. Practical Exploitation: Introduction to Metasploit, Social Engineering and a few other tools
  • 2. Speakers BSc, MSc, CEH, CHFI, thought I was going to be a PhD, decided to become a ninja instead. BSc, MSc - Now works for ABBAN Breaking servers, sip trunks, and doing research into VoIP and IMS
  • 3. Synopsis – wrong order, all content Introduction to practical exploitation Introduction to cyberstalking Introduction to Metasploit (short) History of metasploit Modules Exploits Payloads Tools Metasploit fundamentals Vulnerability Scanning MSF Databases commands Client side exploits Post Exploitation Meterpreter Armitage Social Engineering SET Types of attacks Infection Media Practical workshop Ps: I know you have high hopes that it will go by this order, but it wont, we are not that organized, and apologize in advance.
  • 4. Workshop During the practical workshop, you will work in pairs, you will be given an IP address to a virtual machine. The objective of this workshop is very simple: PWN the living crap out of these virtual machines using techniques that were taught to you during this presentation and read the file password.txt located at Windows/System32 or /home/just4meeting (depending if you get a windows box or a linux box), and successfully create your own account on the remote system.
  • 5. Seriouz Business When presenting, we like to talk about both the fun side of things and the bit about serious implications these “fun things” can have in life. During this presentation you will hear a bit about cyberstalking and how these tools work from a cyberstalker perspective and a victim. To write this part of the presentation we worked alongside the brand new UK National Center for Cyberstalking Research, they are cool people and provided us with lots of data and information. http://www.beds.ac.uk/nccr/news
  • 6. Practical exploitation Q:What do we call practical exploitation? On the interwebz you can find many definitions created by “security professionals”, we are not (security professionals), so here is our definition of practical exploitation: Get root and learn how to use current tools to automate and increase the speed when doing a penetration test. Understand how to use the tools past a script kiddie level – aka being able to extend the tool code if needed or combine multiple tools to achieve a target (!!root!!)
  • 7. Cyberstalking Q: What is CYBERSTALKING? A: Cyberstalking is the use of internet and/or other electronic means to stalk or harass an individual. However cyberstalking can be legal and illegal. (To be explained further)
  • 8. Cyberstalking Q: Who practices cyberstalking? You Me
  • 9. Cyberstalking “I’VE NEVER CYBERSTALKED!!!!one!!!eleven!!”
  • 10. Cyberstalking Remember when 2 slides back we said cyberstalking could be both legal and illegal ? This is what we meant... Lets go through a scenario where Cyberstalking would be legal!
  • 11. Cyberstalking Meet Tiago: As you can see, Tiago is ur average 23 year old stud, he likes to go out and party, when he does so he meetssssssssssssss
  • 13. Cyberstalking Tiago has certain things he likes in girls and things he dislikes! Tiago, like more than 500 million people, has a facebook account. So Tiago goes and does a bit of Cyberstalking to decide which girls he wants to be friends with or not. Or even possible future girlfriends.
  • 14. Cyberstalking Even without adding these girls to facebook he gets plenty information sometimes to decide if he wants to go further with them.
  • 15. Cyberstalking So, as you can see this is an example of a situation where cyberstalking is perfectly acceptable and legal. You access public information about someone that is in the “cyber” world. This is also an action done sometimes by companies that are considering hiring a certain person, to get some background information on the person.
  • 17. Cyberstalking – Scenario 2 Tiago also knows his way around computers and specifically security and the tools used in infosec. He also knows how to check securitytube and common security websites for different types of attacks. BLACKHAT ON!
  • 18. Cyberstalking – Scenario 2 Analyzing the profiles Tiago decides he wants to go further and know a bit too much about one of these girls.
  • 19. Profiling Tiago starts by getting all sorts of information he can on this girl that might be useful in any way: From the facebook profile we get that: Her name is Anna Konova She is both a Chelsea and Barça fan She likes Burberry, fashion events, dominoes pizza, and something called SIFE Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole Using the information collected from this facebook profile we go to google...
  • 20. Profiling <<- OH LOOK THE SIFE THING Quite a few results lets have a look at a few....
  • 21. Profiling From the facebook profile we get that: Her name is Anna Konova She is both a Chelsea and Barça fan She likes Burberry, fashion events, dominoes pizza, and something called SIFE Her favorite music: MJ, Lady gaga, Beyoncé, Alicia Keys, Cheryl Cole From twitter we get 0 From linkedIN: Project manager at Innovate Went to University of Bedfordshire Is looking for new career opportunities etc etc etc SIFE - SIFE is an international non-profit organization that works with leaders in business and higher education to mobilize university students to make a difference in their communities while developing the skills to become socially responsible business leaders.
  • 22. Going over the line How can all this simple, easily accessible information help Tiago cyberstalk someone? Well let me introduce you to METASPLOIT.
  • 23. DEMO 1 – PDF + Email DEMO
  • 24. DEMO 1 – PDF + Email As you can see it wasn’t an attack hard to setup and easily a real life scenario. For those of you that find that attack complicated, we have something for you later on....
  • 25. A bit more on cyberstalking.... Following we will present some data that was provided to us by the Research Center! coz stats are always fun n giggles!
  • 26. Stats Harasser – Environment where they are first met
  • 27. Stats Harasser – Description
  • 28. Stats Fears experienced by those who are harassed
  • 29. Stats Consequences on those being harassed
  • 32. Posing as the victim and attacking others
  • 35. Direct threats through email/instant messaging
  • 37. Transferring attack to victim’s relatives
  • 38. Use of the victim’s image
  • 39. Provoking others to attack the victim
  • 41. Metasploit Exploitation framework Lots of other tools and utilities First written in PERL Then changed to RUBY (THANK GOD) 3 versions – Pro, Express, free
  • 42. Metasploit nowadays... We wont be able to look at all the different components so we will try to focus on the more commonly used ones.
  • 51. Metasploit – Main Modules Exploits – Main module – used to pwn shit! :] Encoders – Used to transform raw versions of payloads Payload – Used to connect to the shit u pwn!
  • 52. Metasploit – Quick Intro Step 1 – Open msfconsole Step 2 – Choose exploit Step 3 – Configure exploit and payload Step 4 – exploit!
  • 53. Metasploit – Intro DEMO DEMO 0
  • 55. Metasploit - Essentials use module - start configuring module; show options - show configurable options; set varname value - set option; exploit - launch exploit module; run - launch non-exploit; sessions -i n - interact with a session; help command - get help for a command
  • 56. Metasploit – Payloads Shell VNC DLLinjection Meterpreter
  • 57. But but but... Am a lazy bastard and I think all the methods uve shown me are too hard
  • 58. But but but... FINEEEEEEEEEEEEEE Meet: Armitage
  • 59. Meterpreter Meterpreter is COOL Meterpreter is VERY COOL Meterpreter because of a thing called RAILGUN = Full access to windows API What does that mean? This is what it means... You cyberstalkers!
  • 61. Back to seriouz This is all good fun, but shows how easy you can “pwn” and cyberstalk some1 or even be cyberstalked. Advices are the usual: Anti virus updated, Software updated, Firewalls up and running (However that probably wont do you much) 2 best advices I can give: Do not read PDF’s, or if u do read them inside google chrome (coz at least ur sandboxed n shit :D ) ANDDDDDDDDDDD
  • 63. KUDOS FILIPE REIS!!!!!!! ONE ELEVEN!!!!! And more FILIPE REIS! He helped recording the demos and is awesome. Center for Research on Cyberstalking for the data provided The girls for accepting that we had to stay up late. Oh and Chris Bockermann, Bruno Morisson and Oli for allowing me to go home yesterday to write these slides instead of getting us drunk.
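
Slide 61's advice on PDFs, seen from the mail-gateway side of the PDF + email scenario in Demo 1: the following is an added example, not part of the original slides, that triages a PDF attachment by counting the name objects that make a document act when it is opened, including hex-escaped spellings. The function names, the list of names checked and both sample documents are constructed for this illustration.

```python
import re
from collections import Counter

# PDF name objects that make a document act on its own when opened.
RISKY_NAMES = {
    "JavaScript": "embedded JavaScript",
    "JS": "embedded JavaScript",
    "OpenAction": "action that runs when the document opens",
    "AA": "additional automatic actions",
    "Launch": "starts an external program",
    "EmbeddedFile": "carries an embedded file",
}

# A name is "/" followed by regular characters or #XX hex escapes.
NAME = re.compile(rb"/((?:[^\s()<>\[\]{}/%#]|#[0-9A-Fa-f]{2})+)")
HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")

def decode_name(raw):
    """Undo #XX escapes so /J#61vaScript is seen as /JavaScript."""
    return HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def triage_pdf(data):
    """Return risky-name counts, which were hex-obfuscated, and a verdict."""
    if b"%PDF-" not in data[:1024]:
        raise ValueError("no %PDF- header in the first 1024 bytes")
    hits, obfuscated = Counter(), set()
    for match in NAME.finditer(data):
        raw = match.group(1)
        name = decode_name(raw).decode("latin-1")
        if name in RISKY_NAMES:
            hits[name] += 1
            if raw != name.encode("latin-1"):
                obfuscated.add(name)  # escaped spelling is itself a red flag
    return {"hits": dict(hits), "obfuscated": sorted(obfuscated),
            "quarantine": bool(hits)}

# Constructed samples: structure only, no exploit content.
BENIGN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /Type /Pages /Kids [] /Count 0 >>\nendobj\n%%EOF\n")
SUSPICIOUS = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R "
              b"/OpenAction 3 0 R >>\nendobj\n3 0 obj\n<< /S /J#61vaScript "
              b"/JS (app.alert('constructed sample');) >>\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, triage_pdf(sample))
```

A byte scan cannot see names inside compressed object streams or encrypted documents, so a clean result is a reason to pass the file to deeper analysis, not proof that it is safe.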

Editor's notes

  1. Play DEMO 0
  2. DEMO 1 – PDF, DEMO 1 - EMAIL
  3. Play DEMO 0
  4. DEMO 3 – Armitage FINAL
  5. DEMO 2 – KEYBD, DEMO 2 - C