All2022UK

Paving The Way To DA – A Live (Hopefully) Path of Pwnage

Presentation

While the security world lusts over the latest and greatest exploits and techniques, some old but gold techniques continue to work and allow attackers on your network to elevate, traverse and attack critical systems. This talk will take you, the audience, through various paths to elevated positions within a network; the aim is to perform several attack paths as live demos(we’ll record some ahead of time in case the demo gods hate us! or the world burns down during our talk).

Andy Gill and Neil Lines will walk through some familiar and lesser-known attacks in a live hack scenario environment simulating an insider threat within a fictional network of a fictional corp. They will discuss and show some techniques for data harvesting, traversal, and exploitation of misconfigurations in the said environment to gain the Crown Jewels of sensitive information and domain/enterprise administrator.

Event::Steelcon

Presenters::Andy Gill & Neil Lines

Date::Jul 23, 2022

Location::Sheffield Hallam University, Owen Building, Howard Street, Sheffield S1 1WB, United Kingdomw

Murder! Mossad? Watching SE experts in the real world, literally getting away with murder.

Presentation

We’re often asked, how can I watch or see Social Engineering (SE) in person so I can learn from an expert. The answer is, with difficulty. Until now. In 2010, what appears to be Mossad performed an operation in a foreign country. Most of which were captured on CCTV and published.

We’ve taken the CCTV footage and broken down multiple sections to highlight and show various SE techniques in the wild. These are important, but also simple techniques that really work. They worked so well that they literally got away with murder.

Some key points that will be covered are matching dress styles (to look like a hotel employee), reconnaissance, building your pre-text (and matching outfit to support that pre-text), and interacting with other people (members of the public and hotel staff) to prevent access to areas the attackers wanted to be kept quiet.

All of these are important tools to learn and use, which can help you make a start in social engineering, and are the exact tools I’ve used many times to successfully gain access to places I definitely shouldn’t be.

Event::Steelcon

Presenters::Chris Pritchard

Date::Jul 23, 2022

Location::Sheffield Hallam University, Owen Building, Howard Street, Sheffield S1 1WB, United Kingdomw

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Email Us

©2019 Lares, LLC | All rights reserved.
Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.