Old Web Shells, New Tricks

Ryan Kazanciyan Principal Consultant

Old Web Shells, New Tricks

? Copyright 2012

AppSec DC 2012

Standard Disclaimer

All information is derived from MANDIANT observations in non-classified environments

Some information has been sanitized to protect our clients' interests

2 ? Copyright 2012

whoami

RYAN KAZANCIYAN ["kah-ZAN-see-yan"] Principal Consultant Joined Mandiant in 2009 Focus on incident response

investigations and forensics Previous background in

penetration testing, application security Instructor

3 ? Copyright 2012

Reviewing the Basics

? Copyright 2012

Web Shells Defined

Malicious web page that provides attacker functionality:

- File transfer - Command execution - Network reconnaissance - Database connectivity -...

Server-side scripting

- PHP, ASP, ASPX, JSP, CFM, etc...

5 ? Copyright 2012

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Related download
Related searches

©2024 5y1.org, Inc. All rights reserved.