Gone In 59 Seconds - High Speed Backdoor Injection via Bootable USB

DerbyCon 7.0 - Legacy

Presented by: Piotr Marszalik, Michael Wrzesniak
Date: Sunday September 24, 2017
Time: 11:00 - 11:50
Location: Track 3 - Teach Me

Gaining physical access was trivial, but now the computer is locked (or off) and time is running out…the "SmuggleBus" allows us to take advantage of unencrypted drives to quickly collect local password hashes and implant the backdoor of our choice without modifying any system binaries - all from a bootable USB and in a matter of seconds.

Piotr Marszalik

Piotr Marszalik is an Information Security Consultant and Manager at Crowe Horwath. He specializes in methodology and tool development for Crowe's Penetration Testing and Red Teaming services. Piotr is also an Offensive Security Certified Expert (OSCE). His responsibility at Crowe includes planning and execution of various penetration testing and security awareness assessments. Piotr - @addenial

Michael Wrzesniak

Michael Wrzesniak is a Cybersecurity Consultant at Crowe Horwath. Mike has been involved with Crowe for 2 years. His specialties include penetration testing, web application testing, and malware development. Michael - @_Wrzes


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats