A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Lying in Wait: Discovering and Exploiting Weaknesses in Automated Discovery Actions - Timothy Wright, Jacob Griffith Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

Lying in Wait: Discovering and Exploiting Weaknesses in Automated Discovery Actions
Timothy Wright, Jacob Griffith
Derbycon 2019

Many IT administration systems on the market today implement some form of automated discovery process for identifying and cataloging new devices attached to the network. These discovery services often use valid credentials to access the devices for credentialed reviews/scans to improve the accuracy of the reporting. To make matters worse, these credentials are often elevated on the network and potentially whitelisted from any deception or endpoint protection suites.In this talk, we will outline several ways to abuse these services to gain legitimate credentials for a given network. Specifically, our research focused on a couple common security and management systems, but the implications are widespread. Research and tools to be released at con to help red teams demo risk.

Timothy Wright is the team lead of a large power utility in central Ohio has 22 years of Cyber security experience. The last 6 years he has been the team lead of the internal red team and focuses on scoping and executing penetration tests, red team engagements and hardware security assessments. Jacob Griffith is a Cyber Security Technical Specialist with two years experience in Vulnerability Management.Jacob graduated from Columbus State Community College with his Associates Degree in Network Security and has obtained his OSCP certification.

@redteam_hack, @maddhatt3r2

Back to Derbycon 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast