Microsoft Powershell - It's time to own

Black Hat USA 2010

Presented by: Joshua Kelley (winfang98), David Kennedy (Rel1k)
Date: Thursday July 29, 2010
Time: 10:00 - 11:00
Location: Florentine
Track: Turbo

Microsoft PowerShell is an extensible and powerful arsenal for any systems administrator... and hacker. Now installed by default in Server 2008 and Windows 7, and optional in other operating systems, PowerShell is something that will be a prevalent default on the most popular operating systems going forward. Since Microsoft removed our method of delivering malicious payloads on a system through Windows debug, we got creative. Through this presentation, we will release two working payloads (bind and reverse) written purely in PowerShell and the ability to deliver whatever payload you want onto the operating system and execute it. We'll also be releasing a Metasploit auxiliary module utilizing this new attack vector the day of the talk. Also included in this talk are ways of bypassing the execution restrictions that require no modifications to the operating system to execute PowerShell backdoors. Lastly, there will be discussion on the future of PowerShell and how we can use it for more advanced attack vectors going forward.

David Kennedy

David Kennedy (ReL1K) is a security ninja who likes to write code, break things, and develop exploits when he has spare time. Heavily involved with BackTrack and the Social-Engineer Framework, David continues (and strives) to contribute to a variety of open-source projects. David had the privilege of speaking at some of the nation's largest conferences, including Defcon and Shmoocon. David is the creator of the Social-Engineer Toolkit (SET), Fast-Track, modules/attacks for Metasploit, and has (responsibly) released a number of public exploits, including attacks that affect some of the largest software vendors in the world. David heavily co-authored the Metasploit Unleashed course available online and has a number of security-related white papers in the field of exploitation. Currently David is a Director and Regional Security for an international multi-billion dollar Fortune 1000 organization and is in charge of ensuring that security is maintained in over 60 different countries. He has a team of highly skilled security professionals that ensure the organization's systems are protected against attack. Prior to his current responsibilities at his current employer, David was a Partner and Vice President of a large information security consulting firm where he led a team of highly skilled and trained security professionals and performed thousands of penetration tests and security assessments across the world for a number of large Fortune 100, 500, and 1000 organizations. Lastly, David served as a United States Marine working directly for the intelligence community and deployed twice to Iraq in support of Operation Iraqi Freedom, where he was the youngest Marine to receive multiple awards for recognition for going above and beyond in his battalion. David also developed a number of highly technical and cutting-edge systems for the Marine Corps that were utilized on missions across the world.
Towards the end of his military career, David was an instructor for the intelligence community on security-related programs.

Joshua Kelley

