Sunday, November 4, 2012

Revitalizing the Inter-Protocol Exploitation with BeEF Bind

My last two talks about BeEF were great successes. I presented together with Ty Miller at RuxCon 2012 in the land of the BeEF, Australia. Then I presented the same talk, unfortunately without Ty, at OWASP AppSec USA, in yet another land of the BeEF, Texas (Austin) :D

The first RuxCon talk was on the first day at 9:00 AM, after a drinking night. The room was also much more full at 9:10 AM, and people couldn't get in :D

(Photo: Ty and me)
Ty and I decided to release the new BeEF Bind research at RuxCon for various reasons:
  •  RuxCon is an old and underground conference, full of proper hackers and friends, not script-kiddies;
  •  many people from the project (Wade, Brendan, Christian, Ben, Scotty; basically everyone except Ryan, Heather, Saafan, Bart, Quentin and me :-) ) are from Australia;
  •  I had never been to the land of the kangaroos.

The research is revitalizing Wade's research on IPEC (2007) in the following ways:
  •  We're using XMLHttpRequest instead of HTML forms to send cross-domain POST requests;
  •  A new staging shellcode has been developed specifically for this attack technique;
  •  Everything has been merged into BeEF, with new exploitation reliability features.