Presentation is loading. Please wait.

Presentation is loading. Please wait.

Backdooring enemies with a Proxy …..

Published byMargaretMargaret Pitts Modified over 6 years ago

Similar presentations

Presentation on theme: "Backdooring enemies with a Proxy ….."— Presentation transcript:

1 Backdooring enemies with a Proxy …..
Jovin Lobo & Aditya Vasekar

2 About Us ‘Security Enthusiasts’ from Pune
Members of null – The Open Security Community ( Recurring null Pune Chapter meets Work as Information Security Analysts. Like to research and present on random security subjects … Twitter: @7h3_j0k3r @adityavasekar

3 Why this Talk ? Were inspired by Cheema Alonso’s talk on creating JavaScript Botnets. Wanted to create a similar POC and use it for gathering intel. This talk is more of a ‘blueprint’ for configuring and deploying a Proxy that adds Javascript backdoors/malicious code. Wanted to share the dangers of using online anonymous proxies. Most importantly – We were excited to c0c0n 2016 

4 What is a Anonymous Proxy ?

5 Free Proxies …. Are they really free ?

6 Malicious users behind Proxies

7 How Our Proxy works

8 Getting a foot in their Browsers

9 The Components used Squid + URL rewrite Javascript Payload
What's Squid ? What's URL rewrite program in Squid ? Javascript Payload Log Analyzers Analyzing Squid Logs

10 SQUID Proxy Squid is a Unix based proxy server which caches the Internet content closer to a requestor than its original point. ISPs are using it since long time for faster downloads and other stuff. Its open source.

11 How Squid Works for backdooring end Users.
Look for specific requests (eg: .js files) Download the JavaScript file. Append this JS file with our Javascript Payload. Serve the end user this modified Javascript file.

12

13 Demo – Bringing it all together

14 Beef framework The Browser exploitation framework, used as a penetration testing tool which focuses on the browser based attacks.

15 Analyzing Logs …

16 Logstash Have ability to process logs from different systems and events. Can be extended to the custom log formats.

17 Elastic search Open source under Apache License.
A distributed RESTful search engine, specifically developed for the cloud. Built on the top of Lucene. Reliable, Asynchronous Write Behind for long term persistency. Supports different set of API: HTTP restful API, Native Java API Multi Tenant with Multi Types

18 kibana It’s a flexible visualization platform, which can present with the real-time summary and charting of data. Variety of interfaces to interact and represent to. Dashboards.

19 Any Questions ?

20 Thank You

21 NO really …

Download ppt "Backdooring enemies with a Proxy ….."

Similar presentations

Name Title Company Microsoft SharePoint 2010 The business collaboration platform for the Enterprise and the Web.

Name Title Company Microsoft SharePoint 2010 The business collaboration platform for the Enterprise and the Web.
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
ESRI Geoportal Extension 10 November 2010 Out-of-the-box capabilities and additional options.

ESRI Geoportal Extension 10 November 2010 Out-of-the-box capabilities and additional options.
0 Leveraging External Data In SharePoint John Ramminger.

0 Leveraging External Data In SharePoint John Ramminger.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Cloud Computing Lecture #7 Introduction to Ajax Jimmy Lin The iSchool University of Maryland Wednesday, October 15, 2008 This work is licensed under a.

Cloud Computing Lecture #7 Introduction to Ajax Jimmy Lin The iSchool University of Maryland Wednesday, October 15, 2008 This work is licensed under a.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
When Good Services Go Wild: Reassembling Web Services for Unintended Purposes Feng Lu, Jiaqi Zhang, Stefan Savage UC San Diego.

When Good Services Go Wild: Reassembling Web Services for Unintended Purposes Feng Lu, Jiaqi Zhang, Stefan Savage UC San Diego.
Chapter 2 Architectural Models. Keywords Middleware Interface vs. implementation Client-server models OOP.

Chapter 2 Architectural Models. Keywords Middleware Interface vs. implementation Client-server models OOP.
Lightning Talk Fred Rodriguez Nguyen Do CPSC 473 May 6, 2012.

Lightning Talk Fred Rodriguez Nguyen Do CPSC 473 May 6, 2012.
An Introduction to ASP.NET Ed Dunhill blogs.msdn.com/edunhill SLIDE7.

An Introduction to ASP.NET Ed Dunhill blogs.msdn.com/edunhill SLIDE7.
M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.

M i SMob i S Mob i Store - Mobile i nternet File Storage Platform Chetna Kaur.
Fundamentals of Database Chapter 7 Database Technologies.

Fundamentals of Database Chapter 7 Database Technologies.
THttpServer class Sergey Linev (GSI). Some history Development was inspired by JSRootIO why not achieve similar functionality with online ROOT application?

THttpServer class Sergey Linev (GSI). Some history Development was inspired by JSRootIO why not achieve similar functionality with online ROOT application?
Module 10: Monitoring ISA Server 2004. Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
Business Intelligence (BI) Primer BI Tools in SharePoint 2010 Excel Services Performance Point Services.

Business Intelligence (BI) Primer BI Tools in SharePoint 2010 Excel Services Performance Point Services.
Data Visualization Project B.Tech Major Project Project Guide Dr. Naresh Nagwani Project Team Members Pawan Singh Sumit Guha.

Data Visualization Project B.Tech Major Project Project Guide Dr. Naresh Nagwani Project Team Members Pawan Singh Sumit Guha.
Using the Bookshare API July 2010. Why do it? Developed in 2008, provides 3rd party developers access to Bookshare functionality in any application It.

Using the Bookshare API July Why do it? Developed in 2008, provides 3rd party developers access to Bookshare functionality in any application It.
REAL WORLD AJAX MARCH 2006 1 TIBCO USER CONFERENCE / 2004 Enterprise Rich Internet Applications with AJAX Real World Case Studies with TIBCO General Interface™

REAL WORLD AJAX MARCH TIBCO USER CONFERENCE / 2004 Enterprise Rich Internet Applications with AJAX Real World Case Studies with TIBCO General Interface™
Dean Anderson Polk County, Oregon GIS in Action 2014 Modifying Open Source Software (A Case Study)

Dean Anderson Polk County, Oregon GIS in Action 2014 Modifying Open Source Software (A Case Study)

Similar presentations

Ads by Google