In this episode of the Hack the Planet Podcast:
We talk with Josh Pitts, creator of The Backdoor Factory, ebowla, and SigThief, about the backstory of some of these tools and the offensive open-source tools debate. Featuring Vyrus and fast Dan.
Pitts Links:
https://github.com/sponsors/secretsquirrel
https://github.com/secretsquirrel/the-backdoor-factory
https://github.com/Genetic-Malware/Ebowla
https://github.com/secretsquirrel/SigThief
https://sec.okta.com/articles/2018/06/issues-around-third-party-apple-code-signing-checks
https://github.com/golang/go/issues/16292
Golang rewrite:
https://binject.github.io/backdoorfactory
https://github.com/Binject/debug
BananaPhone / Hell’s Gate:
https://github.com/C-Sto/BananaPhone
More Code Signature Bypasses:
https://www.securityinbits.com/malware-analysis/interesting-tactic-by-ratty-adwind-distribution-of-jar-appended-to-signed-msi/
dylib TOCTOU: http://powerofcommunity.net/poc2015/pangu.pdf
linux by design: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1883949
Copy-Paste Compromises: https://www.cyber.gov.au/sites/default/files/2020-06/ACSC-Advisory-2020-008-Copy-Paste-Compromises.pdf
Other:
https://github.com/vyrus001/go-mimikatz
Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.
Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.
- Interview with Ilja van Sprundel - April 13, 2021
- The Universal Loader for Go - March 4, 2021
- Go Assembly on the arm64 - March 2, 2021