We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

ThruGlassXfer: Remote Access, the APT

10
 Cite
 Share
 Download
 Purchase
No logo availableDEF CON
 Latter, Ian

Formal Metadata

Title
ThruGlassXfer: Remote Access, the APT
Title of Series
Number of Parts
109
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
ThruGlassXfer (TGXf) is a new and exciting technique to steal files from a computer through the screen. Any user that has screen and keyboard access to a shell (CLI, GUI or browser) in an enterprise IT environment has the ability to transfer arbitrary data, code and executables in and out of that environment without raising alarms, today. This includes staff, partners and suppliers, both on and off-shore. And implementation of best practice Data Center (Jump hosts), Perimeter / Remote Access (VPN, VDI, ..) and End Point Security (DLP, AV, ..) architectures have no effect on the outcome. In this session I will take you from first principles to a full exploitation framework. At the end of the session you'll learn how build on this unidirectional file transfer and augment the solution into a full duplex communications channel (a virtual serial link) and then a native PPP link, from an user owned device, through the remote enterprise-controlled screen and keyboard, to the most sensitive infrastructure in the enterprise. In this special DEF CON presentation I will also be releasing the new high-speed data exfiltration tool, hsTGXf. This is an exciting and cross-discipline presentation that picks up the story in the DEC VT220 terminal era and will take you on a journey to exploiting modern enterprise security architectures. So join me, whatever your knowledge or skill-set and learn something interesting! Speaker Bio: A 20 year veteran of the IT industry, Ian has spent 15 years working in security in a number of positions including Penetration Tester, Security Architect and most recently, a Security Governance role at a blue chip corporate. Ian teaches the Practical Threat Intelligence course at Black Hat and has spoken at key international hacking and security conferences including COSAC (Ireland), Ruxcon (Australia), and Kiwicon (New Zealand). If he had spare time, Ian would be pursuing a number of private software and robotics projects, including the Barbie Car that he promised his daughter (wiser friends have advised that I finish this project before she's old enough to ask for a real Corvette).