Explore a new web attack vector called Reflected File Download (RFD) in this Black Hat conference talk. Learn how attackers can exploit trusted domains to download malicious files without uploading them, bypassing security measures and potentially running shell commands on victims' computers. Discover the mechanics of RFD attacks, their impact on popular websites like Google and Bing, and how they can be used to create cross-social-network worms. Gain insights into the attack's requirements, exploitation techniques, and potential countermeasures. Witness live demonstrations showcasing the power of RFD, including examples on Gmail and Google.com. Understand the implications for web security and learn about proposed solutions to mitigate this threat.
Overview
Syllabus
Intro
Las Vegas
Security conferences
Introduction
Agenda
About Me
Windows Calculator
What Happened
Why Reflected File Download
How Do We Trust Downloads
Conclusion
What is RFD
Download Reflected File
Final Result
Warning
Windows Security Feature Bypass
Batch File Bypass
Final Link
Example
Requirements
Where can we find it
Which exploit to use
Why work hard
Whitepaper
Advanced exploitation
PowerShell
Commandline Options
Chrome Setup
Build Exploit
Demo
Gmail
Verify download
Read emails
Cross social network warm
Cross social network warm demo
Googlecom warm demo
Use exact URL mappings
Whitelist callbacks
Remove support for path parameters
Summary
Quote
Questions
Taught by
Black Hat
