Saturday, June 23, 2012

BeEF, what a tasty piece of meat: HackPra talk

On the 20th of June I gave a seminar at @HackPra at Bochum University, Germany.
First of all, thanks to Mario Heiderich and Marcus Niemietz for the invitation.

The talk went very well, covering several things:
  • communication channels: the default XHR-polling channel, and the new WebSocket channel;
  • XssRays integration: new enhancements (works with WebKit-based browsers that use XssAuditor, and IE6 to 10);
  • abusing Chrome extensions: the Fake Flash Update module coded by Mike Haworth, and a few Chrome extension modules we have in BeEF (like the one you can use to inject the hook in all the open tabs). Imagine the impact of this (see screenshot below, where one of the tabs where the BeEF hook was injected is LinkedIn);

  • tunneling proxy: speed/performance enhancements while using WebSockets (4/5x faster);
  • Evasion extension: for the first time, I presented the experimental Evasion extension. The aim of the extension is to obfuscate the hook and all code sent to the hooked browsers in order to evade passive regex-based filters. You can define your own obfuscation techniques, specifying the order in which they are called. Right now we have 3 techniques: scramble (static string substitution; for example, you no longer see "beef" in the hook), minify (awesome to save size) and base64. XOR is coming soon.
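
From the filtering side, the Evasion extension item above comes down to this: a single regex pass never sees what sits under an encoding layer. The following is an added example, not BeEF code and not from the talk; the signature, the sample bodies and all function names are constructed for illustration.

```python
import base64
import re

# Hypothetical signature: the literal token the scramble technique removes.
SIGNATURE = re.compile(r"\bbeef\b", re.IGNORECASE)
# Runs of base64 alphabet long enough to be worth decoding.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def naive_filter(body: str) -> bool:
    """Passive filter: a single regex pass over the body as delivered."""
    return bool(SIGNATURE.search(body))


def normalizing_filter(body: str, max_depth: int = 3) -> bool:
    """Apply the signature to the body and to each base64 layer inside it."""
    if SIGNATURE.search(body):
        return True
    if max_depth == 0:
        return False
    for run in B64_RUN.findall(body):
        core = run.rstrip("=")
        try:
            raw = base64.b64decode(core + "=" * (-len(core) % 4), validate=True)
        except ValueError:  # not valid base64 after all
            continue
        if normalizing_filter(raw.decode("utf-8", errors="ignore"), max_depth - 1):
            return True
    return False


def wrap_b64(body: str) -> str:
    """Build a constructed sample: the body carried as a base64 string literal."""
    return 'var p = "' + base64.b64encode(body.encode()).decode() + '";'


# Constructed sample bodies (harmless strings, not BeEF's hook).
PLAIN = 'var beef = {id: "constructed"}; beef.ok = 1;'
ENCODED = wrap_b64(PLAIN)              # one base64 layer
DOUBLE = wrap_b64(ENCODED)             # two layers
RENAMED = PLAIN.replace("beef", "x1")  # static string substitution

if __name__ == "__main__":
    for name in ("PLAIN", "ENCODED", "DOUBLE", "RENAMED"):
        body = globals()[name]
        print(f"{name:8} naive={naive_filter(body)} normalizing={normalizing_filter(body)}")
```

Decoding before matching recovers the encoded samples, but the renamed one passes both filters, so a string signature on its own is not a dependable control.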
The talk went well, and as I promised there were a lot of live demos. Actually only one demo was not live: I played again the Java mass pwner that uses RESTful API scripts, originally presented at AthCon 2012.

After the talk we all went to a GDATA building together with Karsten Tellmann, Felix @fluxfelix and other guys from @fluxfingers. Meeting Udo Strauch, the guy responsible for food and drinks, was a unique event :D His fine selection of rare beers was amazing: he particularly likes some rare beers (honestly I didn't know them) from Teo Musso, an Italian guy. The beers were really tasty and flavored, and 8 to 10 percent :D




We were partying hard until late in the night. The next day I met up with Reiners, Tilman Frosch, and partially followed (it was in encrypted German) Felix's awesome lecture about reversing.

To conclude, it was a great time. They really took good care of me. Definitely two non-conventional days for a university seminar. Really recommended to everyone (entrance was free as well of course).

You can enjoy the slides/recording here. This was the first time I could watch the recording of my talk the next day :D
