Archive for November, 2015

Why the government shouldn’t pay for your college (or most other things)

Recently there has been a renewed push, from presidential candidate Bernie Sanders to the “Million Student March” protests, to have 100% government funded college in the US, and similar policies under the banner of socialism. I thought the below tweet captured my thoughts on the matter well, but it also generated its share of negative […]

No Comments

How I used dead drop C2 to hide malicious traffic

Over the past few years, I have been organizing, participating in, and frequently writing software for CCDC red teams. This year, as I’ve been starting to dust off the code, spin up VM’s and test things to see if they still work, it seems my last-ditch covert channel for control and data exfiltration is no longer working. This method was one of my favorites, and to my knowledge was never found by the blue teams…

More advanced solutions, rather than establishing a connection in or out, use a legitimate third party service you can both send data to and read data from as a dead drop site. Dead drop style C2 is more complex, since you must encode and encapsulate your data to fit the medium; there is normally no inherent direction of data flow, just posted or not. Data blobs will almost certainly be read multiple times, out of order, and by every client that is using this C2 method. As a result, you must largely implement your own addressing, sequencing and tagging, and de-duplication for this to be more than a toy proof of concept.

No Comments