Flying A False Flag: Advanced C2, Trust Conflicts, And Domain Takeover

2BEwqbCbQuM/default.jpg

By Nick Landers

This talk will discuss the methodology, selection process, and challenges of modern C2. It will cover the details of recent HTTP/S advancements and tooling for new cloud service primitives such as SQS, AppSpot, S3, and CloudFront. We will demonstrate how trust can be abused for stealthy C2 techniques via internal mail servers, defensive platforms, and trusted domains. We will also cover the various options for domain takeover, and release tooling for exploiting domain takeover scenarios in Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP).

Full Abstract & Presentation Slides: https://www.blackhat.com/us-19/briefi...

2BEwqbCbQuM/default.jpg
Flying A False Flag: Advanced C2, Trust Conflicts, And Domain Takeover Flying A False Flag: Advanced C2, Trust Conflicts, And Domain Takeover Reviewed by Unknown on September 23, 2019 Rating: 5