Basic Offensive Application of MOF Files in WMI Scripting

BSidesCharm 2018

Presented by: Devon Bordonaro, Connor Gephart, Sam Ruthenberg
Date: Saturday April 28, 2018
Time: 14:00 - 14:20
Location: Track 1

A basic introduction on how to use MOF files and the Windows Management Instrumentation (WMI) database to alter how programs execute and implement your own processes. Join us for a walkthrough of MOF design and an overview of the vulnerabilities presented by the WMI database. Finally, learn how the hardest part of using MOF files is making yourself known to the user.

Devon Bordonaro

Devon Bordonaro is a Senior undergraduate student at Towson University. He is studying Computer Science with a concentration in Computer Security. He joined the Towson University Cyber Defense Team this year to learn as much as possible about offensive and defensive tactics in Cyber Operations. He hopes to gain as much knowledge about the cybersecurity world as possible with hopes to gain a career in cyber operations, incident response, or vulnerability assessment. He is currently a Student Manager at his job with Student Computing Services at Towson University. He is responsible for supervising over 20 student employees as well as troubleshooting various computer issues for students. In his free time he enjoys playing a variety of online video games and rhythm games.

Connor Gephart

Connor Gephart is a sophomore at Towson University studying Computer Science and Mathematics with a track in Cyber Security. He joined with Towson’s Collegiate Cyber Defense Competition team this year to learn more about cyber security and its applications. He is currently a co-op with UPS helping to transition the company to DevOps, working with software such as Docker, Maven, and Ansible. He enjoys playing video games and playing a variety of role-playing and board games.

Sam Ruthenberg

Sam Ruthenberg is a senior at Towson University majoring in Computer Science with the cyber security track. At his time at University he worked with fellow students in research and growing their cyber security knowledge. He has interned with the Navy, and worked on cyber tools and testing with Avionic platforms. He has an interest in enterprise security, and how security will change in the future.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats