Zombie Crush: Exploiting Malicious C2 Servers

Content here is from the hands-on workshop at BsidesSLC on March 10th 2016 .

Thank you to everyone who attended and especially those individuals who have sent me feedback via @TweekFawkes

 

Overview

BlackHat hackers ravage computer systems, infecting them with malware, and acquiring information for their own means but do these hackers stop and think about the security posture of their own hacking infrastructure? Join us as we dive into a series of interactive hands-on labs where we apply our knowledge of common web application vulnerabilities (e.g. SQLi, XSS, CSRF, etc...) to research and develop exploits for malicious C2 servers commonly used by Black hat hackers to manage their botnets of zombie computers.

 

Hands-on Labs

The following files are for use with the hands-on labs:

 

Student Requirements

Students should...

  • Download and Install Kali 2.x Linux x64
  • Download and Install target VMs (that will be provided via download)

Students should bring:

  • a laptop with VMware Workstation or Player preinstalled
  • at least 60 GB HD free
  • a laptop capable of running two (preferably three) virtual machines simultaneously using either VMWare Workstation or Player
  • a laptop with administrator access to allow for modifying network configuration, sniffing traffic, disabling of security software, etc....
  • a laptop with ability to use a wired ethernet connection
  • a reasonable sized display is highly recommended

Students should have at least:

  • Some knowledge of basic networking concepts (e.g. TCP/IP, DNS, DHCP, etc...)
  • Some previous experience testing web applications for common vulnerabilities (SQLi, XSS, etc...)
  • Some experience with programming web applications (i.e. PHP) will be helpful but is not required
  • Some experience with penetration testing techniques or frameworks (i.e. Metasploit) will be helpful but is not required