The Nihilist’s Guide to Wrecking Humans and Systems

Author(s): Christina Camilleri
Category: Exploit Research
Duration: 45
Summary: Many can identify the soft, fallible bundle of meat and love that is a human. Humans can be found in their natural habitat milling around at the fuzzy edges of unsuspecting computer systems. Let’s go on a safari through benefits and healthcare systems, well-meaning information security departments and warm-hearted technical support agents as we explore the unexpected effectiveness of combining technical penetration testing with social engineering of our warm-blooded friends.

Together, we will see how social engineering can be used in conjunction with offensive technical attacks to create destructive attack chains and share some real world scenarios. I show how innocent pretexts can lead to complete network compromise and RCE on production servers, why combining attack chains is effective and why social engineering awareness training is NOT the solution you need.

Not every talk has to be a deep dive into maneuvering the mangled heap overflow structures to get control of a bit here or a bit there. Let me help you get your shells faster.

Likes: 0

Comments

aaronc100

May need a bit more Bang in the summary...i.e. social engineer us into rating this higher. ;-)


elgatonegro

More details please. Give us the skeleton of one or more scenarios you plan to present.


ranok

BORING! Come on, let's not have a rehash of "war stories" of SE


nyx

Thanks for the feedback, I've updated the abstract to be a little more interesting, hopefully :)


h1r0.pr0t4g0n1st

For the record, I've seen a variation of this talk. It was captivating.