Back To Schedule
Friday, September 19 • 1:00pm - 1:45pm
When you can't afford 0days: Client-side exploitation for the masses

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

 A bag of fresh and juicy 0days is certainly something you would love to get
as a Christmas present, but it would probably be just a dream you had one of those drunken nights.

Hold on! Not all is lost! There is still hope for pwning targets without 0days.

We will walk you through multiple real-life examples of client-side pwnage, from tricking the victim to take the bait, to achieving persistence on the compromised system.

The talk will be highly practical and will demonstrate how you can do proper client-side exploitation effectively, simply by abusing existing functionalities of browsers, extensions, legacy features, etc.

We'll delve into Chrome and Firefox extensions (automating various repetitive actions that you'll likely perform in your engagements), HTML applications, abusing User Interface expectations, (Open)Office macros and more. All the attacks are supposed to work on fully patched target software, with a bit of magic trickery as the secret ingredient.

You might already know some of these exploitation vectors, but you might need a way to automate your attacks and tailor them based on the victim language, browser, and whatnot. Either way, if you like offensive security, then this talk is for you.

avatar for Michele Orrù

Michele Orrù

Senior Security Consultant, Trustwave SpiderLAbs
Michele Orru a.k.a. antisnatchor is an IT and ITalian security guy. Lead core developer of the BeEF project, he mainly focuses his research on application security and related exploitation techniques. He is a frequent speaker at hacking conferences, including CONFidence, DeepSec... Read More →

Friday September 19, 2014 1:00pm - 1:45pm MDT
Colorado Ballroom F [Breakers] Denver Marriott City Center