SNSCAT: WHAT YOU DON'T KNOW ABOUT SOMETIMES HURTS THE MOST

Black Hat USA 2012

Presented by: Dan Gunter, Solomon S
Date: Thursday July 26, 2012
Time: 14:15 - 15:15
Location: Florentine
Track: Applied Workshop I

A vulnerability exists through the use of social networking sites that could allow the exfiltration/infiltration of data on "secured networks". SNSCat provides a simple-to-use post-penetration data exfiltration/infiltration and C2 (Command and Control) platform using images and documents on social media sites (Facebook, Google Apps, Twitter, imgur, etc.). The first part of our presentation will focus on case studies demonstrating the risks assumed by allowing social media sites on business networks, both from malicious insiders and from outsiders. After coverage of preliminary terms and concepts, we will introduce our tool and show how one can easily move files in and out of a network using social media sites. We will next demonstrate how one can use SNSCat along with the implants we have created to establish full command and control between the controller and the listening agents. Automation of commands is vital in establishing a robust botnet that covertly communicates with the controller and responds to its instructions. Anonymity is also essential: it keeps the attacker and victim networks from ever touching each other. SNSCat is built to provide these very functions! Finally, we will introduce how one can plug in their own home-brewed steganography and cryptology modules as well as how one can build connectors for additional sites into our framework. In a 60-minute presentation, we will show you how to bypass network security equipment via social networking sites to mask data infiltration/exfiltration and C2 from any network with access to social networking sites.

Dan Gunter

Dan brings depth and breadth of experience on both the technical and business development sides of information security. He has worked and consulted across the commercial, non-profit, academic and government sectors and recognizes the unique needs and constraints within each setting. He has served in roles ranging from proposal development and customer need analysis for high-value information security contracts to designing and coding solutions to unique and challenging problems in settings with anywhere from a few users to hundreds of thousands of users. Dan holds an undergraduate degree in Computer Science and will finish his Master's in Computer Science soon.

Solomon S

Solomon is an avid programmer and researcher focusing on the analysis of malware and computer memory management. Solomon's main research areas center on the discovery of vulnerabilities introduced by the mismanagement of volatile computer memory and resource allocations. Solomon has devoted many hours in academia to mentoring students and teaching Computer Science techniques. As a Network Security Engineer, Solomon provides digital forensics capabilities and security solutions to better prevent, detect, respond to and mitigate network penetrations, malware infections and other threats on large-scale enterprise networks for the commercial, private, and government sectors. Solomon received his undergraduate degree in Computer Science and is currently pursuing Master's degrees in Information Systems Engineering and Computer Science.

