Loading…
CircleCityCon 2016 has ended
Back To Schedule
Sunday, June 12 • 10:00am - 11:00am
A Major New Trend in the Enterprise is Whitelisted Proxies

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

A major new trend in the enterprise is whitelisted proxies. Enterprises (and by enterprise we mean large companies, not java) love their perimeter because, well, let’s face it, everything’s broken inside. However they still want their employees to have internet access as it is critical but they have a flat network. The current trend is whitelisting all traffic and doing an SSL Man-In-The-Middle. Our goal is to show that that does absolutely nothing by exfilling through commonly whitelisted platforms and using steganography to hide all the data.

We have written tools that allow covert communication through youtube and twitter to establish a reverse shell. Using the steganography from the exfil toolkit (which will be released under the GPL) we will incorporate steganography into youtube comments so that even with ssl decryption it just looks like a drunk youtube commenter. With twitter there is text stego but also images can contain steganography. We will also discuss polymorphism in stego algorithms to evade heuristics.


Sunday June 12, 2016 10:00am - 11:00am EDT
Track 1 – Cap 1