Description: ClickOnce is a deployment solution that enables fast, easy delivery of packaged software. It is commonly used by organizations to deploy both internal and production-grade software packages along with their respective updates. By allowing end-users to accept the requested permissions of the software package without the intervention of an administrator, ClickOnce simplifies the deployment and use of robust software solutions.
It also provides an excellent opportunity for malicious actors to establish a foothold in your network.
In this talk, I will discuss how I combined ClickOnce technology and existing phishing techniques into a new methodology for establishing an initial presence in an environment. By minimizing user interaction, we only require that the user is fooled for "one click" - after that, we already have a foothold in their environment and are ready to pivot and escalate further.
Ryan Gandrud
Senior Security Consultant, NetSPI
Ryan is a senior security consultant with a B.S. in computer science from North Dakota State University. He has worked in the Information Technology, Healthcare, Financial Services, and Information Security industries. Ryan's primary knowledge base includes network, web application, and thick application penetration testing with extensive knowledge in email phishing. Ryan has presented at multiple venues before including Bsides Las Vegas and Secure360.
For More Information Please Visit:- https://2016.appseccalifornia.org/
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.