Circumventing Egress Filtering by Exploiting HTTP

Explore a Security BSides London conference talk on circumventing egress filtering through HTTP exploitation. Dive into the "transfer-encoding: chunked" mechanism for faster web shells, introduced during a red team engagement where traditional reverse and bind shells were ineffective. Learn about ChunkyTuna, a web shell that allows pivoting through compromised servers to reach deeper into target networks. Understand how this tool improves upon TUNNA by utilizing HTTP's chunked transfer encoding, offering near-direct access to STDIO streams of arbitrary processes or IO streams of TCP ports. Gain insights into advanced penetration testing techniques and network security vulnerabilities in this 23-minute presentation.