Explore an in-depth analysis of CMS brute-forcing malware and botnets in this 39-minute conference talk from BruCON Security Conference. Gain insights into the landscape of Content Management System (CMS) attacks, focusing on WordPress vulnerabilities and weak password exploitation. Compare prominent brute-forcing botnets, examining their technical capabilities and attack strategies. Delve into a real-life case study of the Sathurbot trojan, analyzing its modules, infrastructure, target selection, and attack patterns. Learn about detection methods for identifying CMS brute-forcing attacks and understand the evolving threats facing website security. Discover the emotional ups and downs of cybersecurity research while exploring the technical intricacies of modular botnets, search engine manipulation, and WordPress framework vulnerabilities.
Overview
Syllabus
Intro
EMOTIONAL UPS AND DOWNS OF DOING RESEARCH
BRUTE FORCING MALWARE OVERVIEW
2014 Mayhem
2015 CMS Catcher
MODULAR BOTNET
URL PATTERN OF THE INFECTED TORRENTS
SEARCH ENGINES QUERY
WORDPRESS FRAMEWORK CHECK
ATTACK WITH XML-RPC
TRIES TO BRUTE FORCE
FROM V.1 TO V.3
CONNECTION SEQUENCE
DOMAINS
WHAT DID WE LEARN?
Taught by
BruCON Security Conference
