Exploiting the Zero’th Hour: Developing your Advanced Persistent Threat to Pwn the Network


Expo Theatre (Hall G) October 22, 2013


Solomon Sonya
Nick Kulesza

Advanced Persistent Threats (APT) and botnets represent one of the largest security concerns with regard to network defense and exploitation. Most security professionals know about these advanced tools, and many people have even discussed the overall concept of command and control of networked systems; however, many experts do not yet understand how to create a botnet and establish unhindered command and control of many systems across the Internet. If a security researcher or penetration tester sets out to build a botnet, where do they begin, and how do they overcome the serious difficulties encountered in the development of their botnet and APT malware? This talk solves these issues by showing exactly how to create a botnet (from scratch) and how to build new implants and the master controller to herd all infected systems into one user interface, and it includes live demos of Splinter, the Remote Administration Tool (RAT) we created to demonstrate the entire process and release to the community for use. And so what about defense, you ask? One word answers this: PWNED!!! As systems continue to be exploited on a daily basis, the end result of this presentation is to show how to build these botnets such that white-hat hackers, penetration testers, red team experts, and computer incident responders can tie this knowledge into implementing better security measures for the protection of our networks.