A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Backdooring with Metadata - Itzik Kotler (Circle City Con 2018 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Backdooring with Metadata
Itzik Kotler

@itzikkotler
Circle City Con 2018

Not all binaries were created equal--, some are small, some are big, and some can be abused to gain arbitrary code execution. In this talk, I'll demo how tens of popular, already-installed binaries in popular OS's such as Linux, FreeBSD, Oracle Solaris, macOS etc. can be turned into backdoors with just one command-line. The icing on the cake? That one command-line won't change the content or size of binaries, it will only change the metadata. Come see how you can save disk space and bandwidth in your next red team / penetration testing engagement.

Itzik Kotler is CTO and Co-Founder of SafeBreach. Itzik has more than a decade of experience researching and working in the computer security space. He is a recognized industry speaker, having spoken at DEFCON, Black Hat USA, Hack In The Box, RSA, CCC and H2HC. Prior to founding SafeBreach, Itzik served as CTO at Security-Art, an information security consulting firm, and before that he was SOC Team Leader at Radware. (NASDQ: RDWR).

Back to Circle City Con 2018 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast