Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a comprehensive DEF CON 31 conference talk that delves into the vulnerabilities of Command and Control (C2) servers used by mobile and Windows malware. Learn how these servers, often abandoned after malware discovery, can be compromised through common web application vulnerabilities rather than complex technical exploits. Discover techniques for gaining unauthorized administrative access, controlling infected devices, and exposing threat actors' infrastructure and identities. Understand how basic HTTP vulnerabilities, detectable by standard security tools, can lead to significant breaches in malware operations, providing access to admin panels, source code, and operator information. Master the methodology of targeting these servers to uncover valuable intelligence about malware operations and the individuals profiting from them.