Tactical Fingerprinting Using Metadata, Hidden Info and Lost Data

DEF CON 17

Presented by: Scott Moulton, Marsh Ray
Date: Sunday August 02, 2009
Time: 13:00 - 13:50
Location: Track 3
Track: Track 3

In 2003 Tony Blair was "bytten" by a word document which its metadata demonstrated had been edited. Since that days a lot of advisories warning about to keep free of undesired data all published document shown up around the whole Internet... but times went by and people don't worry so much about this BIG problem. In this session you will see how analyzing all published documents in a website is possible to fingerprint a lot of (if not almost all) information about the internal network. This session will show you how to use FOCA tool to collect the files, gathering the information from ODF, MS Office, PDF/EPS/PS files, cross the information found with artificial intelligence rules and fingerprint big amount of info about the network structure, matching IP address with internal server names, printers, shared folders, ACLs...and to show how it can effectively be used by security consultants who traditionally could only offer source code fixes.

Chema Alonso

<strong>Chema Alonso</strong> is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the PolitÈcnica University of Madrid. He has been working as security consultant last six years and had been awarded as Microsoft Most Valuable Professional since 2005 to present time. He is a Microsoft frequent speaker in Security Conferences. He writes monthly in several Spanish Technical Magazines. He is currently working on his PhD thesis about Blind Techniques. Recently spoke in BH Europe 2008 about LDAP Injection &amp; Blind LDAP Injection attacks, in Defcon 16 about Time-Based Blind SQL Injection using heavy Queries, in Toorcon X about RFD (Remote File Downloading), in DeepSec 2k8 in Austria. Recently has been selected to be presenting in HackCon#4 in Norway, in SchmooCon 2k9 in Washington DC and in Black Hat Europe 2009.

Jose Palazon

<strong>Jose Palazon (Palako)</strong> is responsible for Mobile security worldwide at Yahoo!. He is 8+ years experienced in security advisory and training, covering private companies, government and academics in both areas. His areas of expertise include mobile, web and unix systems security as well as digital forensics.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats