Loading…
Botconf has ended
Back To Schedule
Friday, December 4 • 10:00 - 10:30
Powered by JavaScript

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Current capabilities of JavaScript turns the browser into the perfect host for a botnet agent. It can be compromised through different vectors, offers a wide range of functionalities, provides persistence and storage, communicates freely with many C&C channels, and behaves like a perfect pivoting point for further propagation into the internal network, or anywhere else.

Therefore JavaScript is to be considered as a powerful botnet enabler, deeply interlaced with other underlying technologies, such as HTML5, WebRTC or even local shells, and able to interfere at any level of the botnet lifecycle.

This presentation aims at identifying most of the recent JavaScript-based techniques which have proved to be efficient in the implementation of core botnet capabilities (injection, control, persistence, propagation, and of course operations from the compromised browser), and to show how one could build a 100% javascript botnet able to defeat most of the defenses currently found in today’s IT.

Speakers
avatar for Renaud Bidou

Renaud Bidou

Technical Director - Southern Europe, Trend Micro
Dinosaur


Friday December 4, 2015 10:00 - 10:30
Amphitheater