BSIDESLA 2013 – Popping the Penguin: AN INTRODUCTION TO THE PRINCIPLES OF LINUX PERSISTENCE – MARK KITA

Description: Breaking in is half the battle. I’ve talked to so many people whose only objective is to try and break into systems. I get that. It’s awesome, the rush you get when you bring up that shell. But what then’ Ops hardening does not end at the outer shell. Once you’re in, you still have to navigate the maze of files, directories, and permissions that is the Linux file system. This talk will cover discovering services, utilizing simple and moderate netcat commands, combining netcat with crontab to create access windows, utilizing /dev/tcp to create a reverse shell, obfuscation to avoid IDS/IPS, and providing examples of tools at each step of the way. Some Linux experience needed. If breaking in is half the battle, staying in wins the war.

BIO: Mark Kikta is a Security Consultant with VioPoint which is located in Auburn Hills, Michigan. Mark supports a variety of operational security programs that includes vulnerability management security monitoring and incident response. As a former Linux engineer with Secure-24, Mark tries to provide information he wishes he had known when he was starting to work with Linux in the realms of security.