Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Blended Threats and JavaScript - A Plan for Permanent Network Compromise

Black Hat via YouTube

Overview

Explore advanced browser-based Intranet attacks and blended threats in this Black Hat USA 2012 conference talk. Delve into the evolution of Web browser exploits since 2006, focusing on how HTML5 and modern technologies have overcome previous limitations. Learn about state-of-the-art JavaScript-based attacks that require minimal user interaction and complete the entire exploit attack cycle. Discover techniques for enumeration, discovery, and escalation of attacks into embedded network devices, ultimately leading to mass-scale permanent compromise. Examine the vulnerabilities of home broadband routers and SOHO devices in enterprise environments. Gain insights into network scanning methods, authentication exploits, firmware modification, and post-exploitation strategies for achieving persistence. Understand the potential worst-case scenarios and implications of these advanced attack methodologies for network security.

Syllabus

Intro
Traditional Browser- Based Attacks
Traditional Network Exploitation
Blended Threats
Why Attack Network Devices?
SOHO Routers in the Enterprise
What Would Be the Worst Case Scenario?
Deployment
Network Scanning, the
Making Network Scanning Better
Limitations of JavaScript Based Network Scanning
Authentication
Basic Auth Brute Force
Modifying Firmware
Steps to deploy firmware
Post-Exploitation
Persistence
Cons
Overview

Taught by

Black Hat

Reviews

Start your review of Blended Threats and JavaScript - A Plan for Permanent Network Compromise

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.