Snarf - Capitalizing on Man-in-the-Middle

DerbyCon 4.0 - Family Rootz

Presented by: Victor Mata, Josh Stone
Date: Saturday September 27, 2014
Time: 18:30 - 18:55
Location: Stable Talks

In this presentation, Josh and Victor will present "Snarf", a tool that changes up the process for relaying SMB (and other protocols) so that the penetration tester can get more practical value out of a relayed session. Most relaying approaches require the attacker to define the payload in advance, and are one-shot wonders -- they either work or they fail -- and you don’t get a second chance. The Snarf approach retains a relayed session when the victim releases it, allowing the attacker to jack in other tools to run multiple payloads and interact with the target service. This allows live experimentation during the penetration test (without ever knowing the credentials!), and makes real-world exploitation of relay scenarios much easier and more practical. We will also present how this approach can be generalized for other protocols, and will demonstrate a variant of Snarf weaponized for attacking MySQL database sessions.
