Description: http://data.proidea.org.pl/confidence/9edycja/materialy/prezentacje/MicheleOrru.rar What will you do during a pentest if you should get access to some target internal resources while having no exploitable external ones for the escalation? Well, there could be many responses on this provocative sentence, starting from Social Engineering techniques to the exploitation of victims browser inside the target.
We will see how BeEF can help resolving almost impossible pentest situations while directly exploiting the victims inside the target, using their machines as pivot to gather access to internal as well external resources, and how it.s much easier now to extend BeEF functionality writing your own modules to suit your needs.
Apart from that, the presentation will focus on covering the new BeEF platform that is being developed in Ruby, with a complete code rewrite and many new features: just to mention some of them, the newer Metasploit integration for zombie pwnage, persistent sessions, tunneling proxy and many new ways to use the victim browser to do nasty things.
Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , Confidence 11 , Confidence-2011 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.