Dailydave mailing list archives
Smart channel configurations, something you needed but never thought you needed, like a thneed.
From: dave aitel <dave () immunityinc com>
Date: Thu, 4 May 2017 14:27:40 -0400
https://vimeo.com/215905922 https://vimeo.com/215906923 https://vimeo.com/200421115 Ok, so I have a hard time explaining what it means for an implant to be "brainy". To be fair, we have a hard time explaining WHY we want our implants to be brainy. Not-brainy is a perfectly valid approach! Many a 196 byte worm coded entirely in hand-assembly has lived a long and fruitful life on the Internet. But look , let's say you are in the market for an implant that can do the kinds of things whatever Wikileaks will leak in 2018 can. That requires brains. Here's an example: An implant that from 9-5 uses the web to communicate to your C2, and the rest of the time, a very slow ICMP covert channel. Or perhaps one that can auto-detect what the network proxy your network is using is, and configure itself to use that. Or one that looks that the email subject lines you tend to use, and then runs that through a bit of Bayesian magic to create similar ones which it uses to communicate with the C2. Or one that sees that all the implants on the local network are being taken out, and intelligently switches off for a while, and then uses a different C2 when it wakes up. Incident response response, as we call it! Watch the videos, and let us know if you have any better ideas. :) -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Smart channel configurations, something you needed but never thought you needed, like a thneed. dave aitel (May 04)