
Pwning in the Sandbox: OSX Macro Exploitation & Beyond - Adam Gold, Danny Chrastil Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Pwning in the Sandbox: OSX Macro Exploitation & Beyond
Adam Gold, Danny Chrastil
Derbycon 2018

While performing red team engagements against a hybrid OSX/Windows environment, we were challenged with creating successful maldocs targeting OSX systems with the up-to-date Microsoft Office Suite, which is protected by the OSX sandbox. After jumping through many hurdles, both with VBA version conflicts and sandbox restrictions, we successfully created our payload along with a post-exploitation process to gather and exfil data from within the sandbox. Adam will share his experience working with Apple security experts to block these attacks and put protections in place within a corporate environment. This is a perfect love story of Purple teaming which resulted in creating a more secure environment. Also, the mitigation we will be sharing for these attacks has not been publicly released by anyone, including Apple, at this point in time.

With over 10 years’ experience in the information technology and cyber security fields, Adam has been recognized as an expert in these areas, strengthening the overall security posture for many organizations including NATO, Hewlett-Packard, Department of the Navy, and more recently, Walmart's Security Operations Center. Over the course of his career, Adam has specialized in development, innovation, and various defensive capabilities.

Daniel Chrastil has over 10 years’ experience in security, ranging from red teaming for the world's largest commercial organization, hacking web and mobile applications, and developing and hosting CTFs to building secure web application environments. Daniel uses his skills from his past life as a web developer and system administrator to develop open source security tools for the security community and is a developer for the Empire Framework project.

@import_au, @DisK0nn3cT
