Using Guided Missiles in Drive-Bys: Automatic browser fingerprinting and exploitation with Metasploit

DEF CON 17

Presented by:
Date: Saturday August 01, 2009
Time: 11:00 - 11:50
Location: Track 2
Track: Track 2

The blackhat community has been using client-side exploits for several years now. Multiple commercial suites exist for turning webservers into malware distribution centers. Unfortunately for the pentester, acquiring these tools requires sending money to countries with no extradition treaties, taking deployed packs from compromised webservers, or other acts of questionable legality. To ease this burden the Metasploit Project will present an extensible browser exploitation platform integrated into the metasploit framework.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats