Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Advanced Data Exfiltration The Way Q Would Have Done It
1. Iftach Ian Amit | November 2011
Advanced Data Exfiltration
The way Q would have done it
Iftach Ian Amit
VP Consulting
DC9723
CSA-IL Board member
IL-CERT Visionary
All rights reserved to Security Art ltd. 2002-2011 www.security-art.com
2. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
3. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
4. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
5. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
6. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
7. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
8. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
9. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
10. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
11. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
12. Iftach Ian Amit | November 2011
whoami
All rights reserved to Security Art ltd. 2002-2011 2
13. Iftach Ian Amit | November 2011
Agenda
All rights reserved to Security Art ltd. 2002-2011 3
14. Iftach Ian Amit | November 2011
Agenda
All rights reserved to Security Art ltd. 2002-2011 3
15. Iftach Ian Amit | November 2011
Agenda
All rights reserved to Security Art ltd. 2002-2011 3
16. Iftach Ian Amit | November 2011
Agenda
All rights reserved to Security Art ltd. 2002-2011 3
17. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 4
18. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 5
19. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 5
20. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 5
21. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 5
22. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 5
23. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
24. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
25. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
26. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
27. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
28. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
29. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 6
30. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
31. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
32. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
33. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
34. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
35. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 7
36. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 8
37. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 8
38. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 8
39. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 8
40. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 9
41. Iftach Ian Amit | November 2011
• eMails, web links,
phishing...
All rights reserved to Security Art ltd. 2002-2011 9
42. Iftach Ian Amit | November 2011
• eMails, web links,
phishing...
• Works like a charm!
All rights reserved to Security Art ltd. 2002-2011 9
43. Iftach Ian Amit | November 2011
• eMails, web links,
phishing...
• Works like a charm!
• And can be mostly
automated
All rights reserved to Security Art ltd. 2002-2011 9
44. Iftach Ian Amit | November 2011
• eMails, web links,
phishing...
• Works like a charm!
• And can be mostly
automated
• SET to the rescue
All rights reserved to Security Art ltd. 2002-2011 9
45. Iftach Ian Amit | November 2011
• eMails, web links,
phishing...
• Works like a charm!
• And can be mostly
automated
• SET to the rescue
All rights reserved to Security Art ltd. 2002-2011 9
46. Iftach Ian Amit | November 2011
And... being nice/nasty/
obnoxious/needy always
helps!
All rights reserved to Security Art ltd. 2002-2011 10
47. Iftach Ian Amit | November 2011
And... being nice/nasty/
obnoxious/needy always
helps!
All rights reserved to Security Art ltd. 2002-2011 10
48. Iftach Ian Amit | November 2011
And... being nice/nasty/
obnoxious/needy always
helps!
All rights reserved to Security Art ltd. 2002-2011 10
49. Iftach Ian Amit | November 2011
And... being nice/nasty/
obnoxious/needy always
helps!
All rights reserved to Security Art ltd. 2002-2011 10
50. Iftach Ian Amit | November 2011
And... being nice/nasty/
obnoxious/needy always
helps!
All rights reserved to Security Art ltd. 2002-2011 10
51. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 11
52. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 11
53. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
54. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
55. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
56. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
57. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
58. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
59. Iftach Ian Amit | November 2011
Internet
3rd party
You!
Target
All rights reserved to Security Art ltd. 2002-2011 11
60. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 12
61. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 12
62. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 12
63. Iftach Ian Amit | November 2011
What is the
target “willing”
to tell about
itself?
All rights reserved to Security Art ltd. 2002-2011 13
64. Iftach Ian Amit | November 2011
What is the
target “willing”
to tell about
itself?
All rights reserved to Security Art ltd. 2002-2011 13
65. Iftach Ian Amit | November 2011
What is the
target “willing”
to tell about
itself?
All rights reserved to Security Art ltd. 2002-2011 13
66. Iftach Ian Amit | November 2011
Who’s your daddy?
And buddy, and friends, relatives, colleagues...
All rights reserved to Security Art ltd. 2002-2011 14
67. Iftach Ian Amit | November 2011
Who’s your daddy?
And buddy, and friends, relatives, colleagues...
All rights reserved to Security Art ltd. 2002-2011 14
68. Iftach Ian Amit | November 2011
Who’s your daddy?
And buddy, and friends, relatives, colleagues...
All rights reserved to Security Art ltd. 2002-2011 14
69. Iftach Ian Amit | November 2011
Who’s your daddy?
And buddy, and friends, relatives, colleagues...
All rights reserved to Security Art ltd. 2002-2011 14
70. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 15
71. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 15
72. Iftach Ian Amit | November 2011
Select your target wisely
And then craft your payload :-)
All rights reserved to Security Art ltd. 2002-2011 16
73. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 17
74. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 17
75. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 17
76. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 17
77. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 17
78. Iftach Ian Amit | November 2011
• ZeuS: $3000-$5000
• SpyEye: $2500-$4000
• Limbo: $500-$1500
All rights reserved to Security Art ltd. 2002-2011 17
79. Iftach Ian Amit | November 2011
• ZeuS: $3000-$5000
E!
RE
• SpyEye: $2500-$4000
F
• Limbo: $500-$1500
All rights reserved to Security Art ltd. 2002-2011 17
80. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 18
81. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 18
82. Iftach Ian Amit | November 2011
Experienced travelers
know the importance
of packing properly
All rights reserved to Security Art ltd. 2002-2011 18
83. Iftach Ian Amit | November 2011
Experienced travelers
know the importance
of packing properly
All rights reserved to Security Art ltd. 2002-2011 18
84. Iftach Ian Amit | November 2011
• File servers
• Databases
• File types
• Gateways (routes)
• Printers
All rights reserved to Security Art ltd. 2002-2011 19
85. Iftach Ian Amit | November 2011
Mass infection: APT:
5-6 days before 5-6 months before
detection detection
All rights reserved to Security Art ltd. 2002-2011 20
86. Iftach Ian Amit | November 2011
Mass infection: APT:
5-6 days before 5-6 months before
detection detection
All rights reserved to Security Art ltd. 2002-2011 20
87. Iftach Ian Amit | November 2011
Mass infection: APT:
5-6 days before 5-6 months before
detection detection
Frequent updates No* updates
* Almost
All rights reserved to Security Art ltd. 2002-2011 20
88. Iftach Ian Amit | November 2011
PATIENCE
Mass infection: APT:
5-6 days before 5-6 months before
detection detection
Frequent updates No* updates
* Almost
All rights reserved to Security Art ltd. 2002-2011 21
89. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
90. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
91. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
92. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
93. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
94. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
95. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 22
96. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 23
97. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 23
98. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 24
99. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 24
100. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 24
101. Iftach Ian Amit | November 2011
-----BEGIN PGP MESSAGE-----
So...
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
hQMOA1jQIm6UkL4eEAv/W3r/eYLUmqRNi/Jegt72lK6qdBiBfkg9PZ5YKql9CUZp
FGnVk029K3gEVcrA4k7w2aOtP7tYKRF8v4yrZQ9GZ7eXzR7+Tbf1g+7dveH6U8Bf
BHo8LRovj5OlGghrvpyKYRPIf/NAgzL2G8dyi/FVB0YB4J7/4x0YFEalQHaLiKyt
/gkikyV92njPJ6tPm2sdKUqUHSb20r9AdowZ0VVRrWwdRgUhdNXajjwcbH1BjVuS
Gilw8MnmQkmJAT+TAFkTqC9fjiwtnNMNANJbo2Z36RqsAcKbhVh1eMA7ev0pUakp
Tm4xN64syk/1DEc0VHFbanAreTV3tCbUUIoPQDFGFpiu3oS6/089oUvRtBBbC5p6
leYKEnDllcGWAomRSiYBFWjTca/DIw43QIW/lmdBnwcWLuQmDCmwr3HuhEaOmqfO
hdgaxM4GuVdJCDdwXzwpuaPElCd18weH2XNzudLdeRKN+wjl/4D6bIo+038BcLei
SyhWrMFB7mKSmEzQufQUDACFamtMCn9YOo3mgo+YYk505qhIDLNwZXqyVUqOHvIG
vu7gzuNwUdY5idLqsGEs0K0xVwYntTKUh61tNS/HDfNTVm4Y3p8M88JHhcg7npY5
gJuhWuHkgp2CTsQT+gRjthm3l3AlnIvAfuC5uWLMsjA4sCw2FRDOARxrN9El8maX
/vCxN9aB3dK4S9MSGJ5HhaYpTfpc9CdFkFryzb2sFWfW85nSzNo7dVFCy0jmSr19
o4Jsfj0J0izS3MeGYYz5NSsfBz+6o/IYURL3OXrm4DuJNHY0DvVbYqSQRRx3o2S+
uZekwXwYsqpei/f/sYo875p5NeX3g62zgjy2Vly+n58WaZWoHb5Y0QCxNfpjdcAQ
3tuZQaUvlqrkQeSRxKXD7pxlHdwHDgfvw01RU8NsMkfsBoTZY27BjFvIg5S/pv9O
6IznXaJu9jRWDj6tvSypx8X2iiVgtSHYahlqEUH1RusAMCILkx0DydCvUud/qRbT
YcnkVVgA8ojeDoVpp3AabRrSmgEAOwW6M0KvnSuMKniLIKe7kolqGjEuLAx7s5Kg
mMHfNki5dYWvQzHv03ID9UG+uW6o54BnsajEVe2EcYTPT+8pg2bCxnMElK0ds9Is
qvf2Kx4kqO0qMeJG1II2zfAFqmMiTMtgA2CZ0Y42hA/bQK/CCM8QVo9JcGn3Jf6N
0X1TVob7xDo/fkRROHv74dIh2Kxa0SH8iGdb4kI=
=jN3t
-----END PGP MESSAGE-----
All rights reserved to Security Art ltd. 2002-2011 25
102. Iftach Ian Amit | November 2011
Still “too detectable”
All rights reserved to Security Art ltd. 2002-2011 26
103. Iftach Ian Amit | November 2011
Still “too detectable”
hQMOA1jQIm6UkL4eEAv/W3r/eYLUmqRNi/Jegt72lK6qdBiBfkg9PZ5YKql9CUZp
FGnVk029K3gEVcrA4k7w2aOtP7tYKRF8v4yrZQ9GZ7eXzR7+Tbf1g+7dveH6U8Bf
BHo8LRovj5OlGghrvpyKYRPIf/NAgzL2G8dyi/FVB0YB4J7/4x0YFEalQHaLiKyt
/gkikyV92njPJ6tPm2sdKUqUHSb20r9AdowZ0VVRrWwdRgUhdNXajjwcbH1BjVuS
Gilw8MnmQkmJAT+TAFkTqC9fjiwtnNMNANJbo2Z36RqsAcKbhVh1eMA7ev0pUakp
Tm4xN64syk/1DEc0VHFbanAreTV3tCbUUIoPQDFGFpiu3oS6/089oUvRtBBbC5p6
leYKEnDllcGWAomRSiYBFWjTca/DIw43QIW/lmdBnwcWLuQmDCmwr3HuhEaOmqfO
hdgaxM4GuVdJCDdwXzwpuaPElCd18weH2XNzudLdeRKN+wjl/4D6bIo+038BcLei
SyhWrMFB7mKSmEzQufQUDACFamtMCn9YOo3mgo+YYk505qhIDLNwZXqyVUqOHvIG
vu7gzuNwUdY5idLqsGEs0K0xVwYntTKUh61tNS/HDfNTVm4Y3p8M88JHhcg7npY5
gJuhWuHkgp2CTsQT+gRjthm3l3AlnIvAfuC5uWLMsjA4sCw2FRDOARxrN9El8maX
/vCxN9aB3dK4S9MSGJ5HhaYpTfpc9CdFkFryzb2sFWfW85nSzNo7dVFCy0jmSr19
o4Jsfj0J0izS3MeGYYz5NSsfBz+6o/IYURL3OXrm4DuJNHY0DvVbYqSQRRx3o2S+
uZekwXwYsqpei/f/sYo875p5NeX3g62zgjy2Vly+n58WaZWoHb5Y0QCxNfpjdcAQ
3tuZQaUvlqrkQeSRxKXD7pxlHdwHDgfvw01RU8NsMkfsBoTZY27BjFvIg5S/pv9O
6IznXaJu9jRWDj6tvSypx8X2iiVgtSHYahlqEUH1RusAMCILkx0DydCvUud/qRbT
YcnkVVgA8ojeDoVpp3AabRrSmgEAOwW6M0KvnSuMKniLIKe7kolqGjEuLAx7s5Kg
mMHfNki5dYWvQzHv03ID9UG+uW6o54BnsajEVe2EcYTPT+8pg2bCxnMElK0ds9Is
qvf2Kx4kqO0qMeJG1II2zfAFqmMiTMtgA2CZ0Y42hA/bQK/CCM8QVo9JcGn3Jf6N
0X1TVob7xDo/fkRROHv74dIh2Kxa0SH8iGdb4kI=
=jN3t
All rights reserved to Security Art ltd. 2002-2011 26
104. Iftach Ian Amit | November 2011
Much better
• Throws in some additional encodings
• And an XOR for old time’s sake
• And we are good to go...
• 0% detection rate
All rights reserved to Security Art ltd. 2002-2011 27
105. Iftach Ian Amit | November 2011
Resistance is futile
All rights reserved to Security Art ltd. 2002-2011 28
106. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 29
107. Iftach Ian Amit | November 2011
80
53
443
All rights reserved to Security Art ltd. 2002-2011 29
108. Iftach Ian Amit | November 2011
80
53
443
All rights reserved to Security Art ltd. 2002-2011 29
109. Iftach Ian Amit | November 2011
Kill some trees
All rights reserved to Security Art ltd. 2002-2011 30
110. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 31
111. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 31
112. Iftach Ian Amit | November 2011
Good ol’e DD...
All rights reserved to Security Art ltd. 2002-2011 32
113. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 33
114. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 33
115. Iftach Ian Amit | November 2011
1/2 byte
=
16 values
1 0 1 0
All rights reserved to Security Art ltd. 2002-2011 33
116. Iftach Ian Amit | November 2011
1/2 byte
=
16 values
1 0 1 0
All rights reserved to Security Art ltd. 2002-2011 33
117. Iftach Ian Amit | November 2011
1/2 byte
=
16 values
1 0 1 0
All rights reserved to Security Art ltd. 2002-2011 33
118. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
119. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
120. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
121. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
122. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
123. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
124. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
125. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 34
126. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 35
127. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 35
128. Iftach Ian Amit | November 2011
1 0 1 0
All rights reserved to Security Art ltd. 2002-2011 35
129. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
130. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
131. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
132. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
133. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
134. Iftach Ian Amit | November 2011
DEMO
All rights reserved to Security Art ltd. 2002-2011 36
135. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 37
136. Iftach Ian Amit | November 2011
Killing paper isn’t nice
• Fax it!
• Most corporations have email-to-fax
services
• heard of the address
555-7963@fax.corp.com ?
• Just send any document (text, doc, pdf) to it
and off you go with the data...
All rights reserved to Security Art ltd. 2002-2011 38
137. Iftach Ian Amit | November 2011
Conclusions
All rights reserved to Security Art ltd. 2002-2011 39
138. Iftach Ian Amit | November 2011
Conclusions
All rights reserved to Security Art ltd. 2002-2011 39
139. Iftach Ian Amit | November 2011
Conclusions
All rights reserved to Security Art ltd. 2002-2011 39
140. Iftach Ian Amit | November 2011
Conclusions
All rights reserved to Security Art ltd. 2002-2011 39
141. Iftach Ian Amit | November 2011
• Start with the
human factor
• Then add
technology
All rights reserved to Security Art ltd. 2002-2011 40
142. Iftach Ian Amit | November 2011
• Start with the
human factor
• Then add
technology
All rights reserved to Security Art ltd. 2002-2011 40
143. Iftach Ian Amit | November 2011
• Where people leave data
• Hint - spend time with developers.
• “Hack” the business process
• Test, test again, and then test. Follow with a
surprise test!
All rights reserved to Security Art ltd. 2002-2011 41
144. Iftach Ian Amit | November 2011
• Where people leave data
• Hint - spend time with developers.
• “Hack” the business process
• Test, test again, and then test. Follow with a
surprise test!
All rights reserved to Security Art ltd. 2002-2011 41
145. Iftach Ian Amit | November 2011
“be true to
yourself, not to
what you believe
things should look
like”
Old chinese proverb
All rights reserved to Security Art ltd. 2002-2011 42
146. Iftach Ian Amit | November 2011
“be true to
yourself, not to
what you believe
things should look
like”
Old chinese proverb
All rights reserved to Security Art ltd. 2002-2011 42
147. Iftach Ian Amit | November 2011
They are YOUR assets
after all
No reason to be
shy about it...
And remember to add
honey...
All rights reserved to Security Art ltd. 2002-2011 43
148. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 44
149. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 44
150. Iftach Ian Amit | November 2011
All rights reserved to Security Art ltd. 2002-2011 44
151. Iftach Ian Amit | November 2011
TEST SOME MORE
For hints/guides see: www.pentest-standard.org
All rights reserved to Security Art ltd. 2002-2011 45
152. Iftach Ian Amit | November 2011
Questions?
Thank you! Whitepapers:
www.security-art.com
Data modulation Exfil POC: Too shy to ask now?
http://code.google.com/p/ iamit@security-art.com
data-sound-poc/
Need your daily chatter?
twitter.com/iiamit
All rights reserved to Security Art ltd. 2002-2011 46