Techniques for Hiding and Detecting Traces aka. Crouching Admin, Hidden Hacker
DESCRIPTION
More info on http://techdays.be.
TRANSCRIPT
Crouching Admin, Hidden Hacker
Paula Januszkiewicz
CQURE: CEO, Penetration Tester
iDesign: Security Architect
Paula Januszkiewicz
CQURE: CEO, Penetration Tester
iDesign: Security Architect
http://idesign.net
Contact
Session Goals
Be familiar with the possibilities of the operating system
Agenda
Operating System Accountability
Agenda
Operating System Logging Mechanisms
http://www.clearci.com
Logs Less & More
Advanced
Hacker’s Delivery
Services & ACLs
demo
Replacing Files
"Vulnerabilities"
demo
Launching Evil Code
http://stderr.pl/cqure/stuxnet.zip
Services (In)Security
From A to Z - DLLs
Kernel Traces
Areas of Focus
Agenda
Dirty Games: Hiding Mechanisms
Hidden Processes
Dirty Games: Protection Mechanisms
Protected Processes
Dirty Games: Hooks
Hooking
3 of 10 Immutable Laws of Security
Agenda
Summary