Ag3nt47 Security – Carolinacon – 9 – 2013 – Getting Shells When Metasploit Fails

Description: Penetration Tests aren’t new, and most companies have figured out how to eliminate the low hanging fruit. Some have even gone above and beyond and deployed technologies like Network AV, IPS, and egress filtering. In 50 minutes, this talk is going to go through different ways of getting access to systems on the network without exploits and working around common hardening. Leveraging configuration weaknesses, common hardening oversights, and more, we’ll go through ways to get around difficult AV systems, network AV, using open source and commonly available tools to get access to boxes were the standard stuff fails. Join us for a adventure with few slides and lots of shells, just make sure to keep your hands and feet inside the ride at all times.

Ryan Linn is a Senior Consultant with Trustwave’s SpiderLabs – the advanced security team focused on penetration testing, incident response, and application security. Ryan is a penetration tester, an author, a developer, and an educator. He comes from a systems administration and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit and BeEF, the Browser Exploitation Framework.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s