ShmooCon 2013: Hide And Seek, Post-Exploitation Style
For more information and to download the video visit: http://bit.ly/shmoocon2013
Playlist ShmooCon 2013: http://bit.ly/Shmoo13
Speakers: Tim Tomes | TJ O'Connor
Geo-location allows us to translate the virtual location of an object to its physical location on Earth. For benign reasons, applications permit the use of different geo-location techniques. Some methods are transparent to users while others require explicit permission. Our talk briefly covers how geo-location works, discusses specific API Calls and available geo-location databases, and releases several new geo-location tools.
The first tool, Honey Badger, is a robust web based framework built for geo-locating targets. Through native HTML5 and client-side Java, Honey Badger forces the browser to reveal its current physical location to a remote command and control platform. Honey Badger will be released during the talk.
Next, Pushpin is a Python script that scrapes social media around specific geo-coordinates to reveal discussions, images, and videos that might assist during the physical reconnaissance phase of a penetration test. PushPin is currently available.
Finally, we will release a series of Metasploit post/exploitation scripts that can assist in physically identifying a target following a successful compromise. From using a victim's wireless card against them, to scanning the machine for exif enabled imagery and parsing browser databases -- these scripts will assist in getting the "pattern of life" of a hooked victim.
