DEF CON 31 - The Art of Compromising C2 Servers A Web App Vulns Perspective - Vangelis Stykas

Поделиться
HTML-код
  • Опубликовано: 2 окт 2024
  • C2 servers of mobile and Windows malware are usually left to their own fate after they have been discovered and the malware is no longer effective. We are going to take a deep dive into the rabbit hole of attacking and owning C2 servers, exposing details about their infrastructure, code bases, and the identity of the companies and individuals that operate and profit from them.
    While understanding and reversing malware is a highly skilled procedure, attacking the C2 itself rarely requires a lot of technical skills. Most of the C2 servers have the same typical HTTP problems that can be detected by off-the-shelf vulnerability scanners.
    By exploiting low-hanging fruit vulnerabilities, an attacker can obtain unauthorized access to administrative functions, allowing them to command thousands of devices and further explore other attack vectors. This can give them access to administrator panels and malware source code, and result in the identity of threat actors being exposed.

Комментарии • 15

  • @iwuvu5940
    @iwuvu5940 Год назад +3

    Keep uploading these videos, people like me actually listen to these to learn stuff about hacking

  • @majdps995
    @majdps995 Год назад +5

    Great talk!
    Pawning C2s is something that I wanted to test a long time ago but was lazy to do it.
    Many C2s that are made by none state sponsored criminals are of mid-low quality and does not follow any best practices at all. It is because they put most of the work in their malware itself and most of that work comprises of copying and pasting code from other sources, even if they don't understand what the code does. Very few out there that really take care of their opsec and the security of their malware.
    I would say that many C2s have become better than before in terms of security, and this is due to the adoption of web frameworks such as laravel and django. However, as demonstrated in the video, they still have bad security because of bad practices.

  • @MrMitchell699
    @MrMitchell699 Год назад +3

    So why didn't he hit the delete all button?

    • @TheCramik
      @TheCramik Год назад +11

      because they would rebuild on different servers, patch issues, etc. The longterm effects of leaving cronjobs that only delete small portions and backdoors is likely to be more significant

  • @fiendlybrds
    @fiendlybrds Год назад +12

    2x speed, this is a great talk.

    • @anastasiszaro
      @anastasiszaro Год назад +1

      typical Greek speaking English xD
      Bonus: if you're Greek in Thessaloniki then you also have the same speed when speaking Greek

  • @LasArmas_
    @LasArmas_ Год назад +1

    Thank you from an Anxrquista

  • @LasArmas_
    @LasArmas_ Год назад +1

    Working together we can do better

  • @deeglik
    @deeglik Год назад

    Brilliant Talk!!!!

  • @MFoster392
    @MFoster392 Год назад

    Great talk STÖK

  • @azharshah316
    @azharshah316 Год назад

    If you dont know what a botnet is ..................... 😁

Следующие
Автовоспроизведение
DEF CON 31 War Stories - A Series of Unfortunate Events - Ben Sadeghipour, Corben Leo34:09DEF CON 31 War Stories - A Series of Unfortunate Events - Ben Sadeghipour, Corben Leo
DEF CON 31 War Stories - A Series of Unfortunate Events - Ben Sadeghipour, Corben LeoDEFCONConference
Просмотров 23 тыс.
DEF CON 31 - Ringhopper - How We Almost Zero day’d the World - Benny Zeltser, Jonathan Lusky39:49DEF CON 31 - Ringhopper - How We Almost Zero day’d the World - Benny Zeltser, Jonathan Lusky
DEF CON 31 - Ringhopper - How We Almost Zero day’d the World - Benny Zeltser, Jonathan LuskyDEFCONConference
Просмотров 71 тыс.
Hacking the Hackers: The Art of Compromising C2 Servers with Vangelis Stykas34:39Hacking the Hackers: The Art of Compromising C2 Servers with Vangelis Stykas
Hacking the Hackers: The Art of Compromising C2 Servers with Vangelis StykasThe Security Repo
Просмотров 3,3 тыс.
Slipknot’s Corey Taylor vs. Shawn “Clown” Crahan | Hot Ones Versus15:59Slipknot’s Corey Taylor vs. Shawn “Clown” Crahan | Hot Ones Versus
Slipknot’s Corey Taylor vs. Shawn “Clown” Crahan | Hot Ones VersusFirst We Feast
Просмотров 860 тыс.
The Lore of Elden Ring's FOULEST Dragon53:23The Lore of Elden Ring's FOULEST Dragon
The Lore of Elden Ring's FOULEST DragonVaatiVidya
Просмотров 605 тыс.
Iran threatens new “crushing attack” on Israel after launching more than 180 missiles | BBC News16:53Iran threatens new “crushing attack” on Israel after launching more than 180 missiles | BBC News
Iran threatens new “crushing attack” on Israel after launching more than 180 missiles | BBC NewsBBC News
Просмотров 2,1 млн
True Facts: How Jellyfish Hunt12:05True Facts: How Jellyfish Hunt
True Facts: How Jellyfish HuntZe Frank
Просмотров 437 тыс.
DEF CON 31 - Private Keys in Public Places - Tom Pohl40:06DEF CON 31 - Private Keys in Public Places - Tom Pohl
DEF CON 31 - Private Keys in Public Places - Tom PohlDEFCONConference
Просмотров 53 тыс.
Carsten Windler - How to build sustainable web applications - PHPDD2024 (+ conference closing)49:55Carsten Windler - How to build sustainable web applications - PHPDD2024 (+ conference closing)
Carsten Windler - How to build sustainable web applications - PHPDD2024 (+ conference closing)PHP USERGROUP DRESDEN e.V.
Просмотров 111
DEF CON 31 - Contactless Overflow Code Execution in Payment Terminals & ATMs - Josep Rodriguez39:44DEF CON 31 - Contactless Overflow Code Execution in Payment Terminals & ATMs - Josep Rodriguez
DEF CON 31 - Contactless Overflow Code Execution in Payment Terminals & ATMs - Josep RodriguezDEFCONConference
Просмотров 106 тыс.
Negative Time is Real, Physicists Confirm. Kind Of.6:59Negative Time is Real, Physicists Confirm. Kind Of.
Negative Time is Real, Physicists Confirm. Kind Of.Sabine Hossenfelder
Просмотров 19 тыс.
DEF CON 31 - SpamChannel - Spoofing Emails From 2M+ Domains & Virtually Becoming Satan - byt3bl33d3r37:23DEF CON 31 - SpamChannel - Spoofing Emails From 2M+ Domains & Virtually Becoming Satan - byt3bl33d3r
DEF CON 31 - SpamChannel - Spoofing Emails From 2M+ Domains & Virtually Becoming Satan - byt3bl33d3rDEFCONConference
Просмотров 132 тыс.
DEF CON 31 - Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - STÖK40:31DEF CON 31 - Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - STÖK
DEF CON 31 - Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - STÖKDEFCONConference
Просмотров 90 тыс.
DEF CON 31 - certmitm Automatic Exploitation of TLS Certificate Validation Vulns - Aapo Oksman50:09DEF CON 31 - certmitm Automatic Exploitation of TLS Certificate Validation Vulns - Aapo Oksman
DEF CON 31 - certmitm Automatic Exploitation of TLS Certificate Validation Vulns - Aapo OksmanDEFCONConference
Просмотров 12 тыс.
DEF CON 31 - Snoop On To Them, As They Snoop On To Us - Alan Meekins23:23DEF CON 31 - Snoop On To Them, As They Snoop On To Us - Alan Meekins
DEF CON 31 - Snoop On To Them, As They Snoop On To Us - Alan MeekinsDEFCONConference
Просмотров 31 тыс.
DEF CON 32: Past, Present, Future of AI & Bioweapons33:03DEF CON 32: Past, Present, Future of AI & Bioweapons
DEF CON 32: Past, Present, Future of AI & BioweaponsMeow-Ludo TV
Просмотров 522
Праздничный рулет для 1🍋 подписчиков!00:57Праздничный рулет для 1🍋 подписчиков!
Праздничный рулет для 1🍋 подписчиков!dacooker_
Просмотров 135 тыс.
СНЯЛ ВСЕ ОГРАНИЧЕНИЯ В ДОТЕ И СЛОМАЛ ИГРУ😰38:08СНЯЛ ВСЕ ОГРАНИЧЕНИЯ В ДОТЕ И СЛОМАЛ ИГРУ😰
СНЯЛ ВСЕ ОГРАНИЧЕНИЯ В ДОТЕ И СЛОМАЛ ИГРУ😰Meeponegeroi
Просмотров 449 тыс.
iPhone 16 & beats 📦00:30iPhone 16 & beats 📦
iPhone 16 & beats 📦serg1us
Просмотров 64 тыс.
Сотни ракет Ирана, тревога по всей стране, стрельба в Тель-Авиве: Израиль после вторжения в Ливан08:55Сотни ракет Ирана, тревога по всей стране, стрельба в Тель-Авиве: Израиль после вторжения в Ливан
Сотни ракет Ирана, тревога по всей стране, стрельба в Тель-Авиве: Израиль после вторжения в ЛиванRTVI Новости
Просмотров 1,4 млн
⚡️БРЕЛОКИ И НОВАЯ ОПЕРАЦИЯ В КС2 - ОБЗОР12:26⚡️БРЕЛОКИ И НОВАЯ ОПЕРАЦИЯ В КС2 – ОБЗОР
⚡️БРЕЛОКИ И НОВАЯ ОПЕРАЦИЯ В КС2 - ОБЗОРЭрик Шоков
Просмотров 93 тыс.
ШПИОН в реальной жизни!** Егорик, Братишкин, Амина, Саня Монтажник, Прокофьев**38:53ШПИОН в реальной жизни!** Егорик, Братишкин, Амина, Саня Монтажник, Прокофьев**
ШПИОН в реальной жизни!** Егорик, Братишкин, Амина, Саня Монтажник, Прокофьев**ЯЯНА
Просмотров 581 тыс.
СОЛНЕЧНОЕ ЗАТМЕНИЕ 2 ОКТЯБРЯ 2024 года САМОЕ ПОЗИТИВНОЕ для всех знаков зодиака от ANGELA PEARL54:04СОЛНЕЧНОЕ ЗАТМЕНИЕ 2 ОКТЯБРЯ 2024 года САМОЕ ПОЗИТИВНОЕ для всех знаков зодиака от ANGELA PEARL
СОЛНЕЧНОЕ ЗАТМЕНИЕ 2 ОКТЯБРЯ 2024 года САМОЕ ПОЗИТИВНОЕ для всех знаков зодиака от ANGELA PEARLAngela Pearl
Просмотров 714 тыс.
Повторила танец из клипа Котик!00:10Повторила танец из клипа Котик!
Повторила танец из клипа Котик!POLI
Просмотров 95 тыс.