DEFCON 17: Tactical Fingerprinting Using Metadata, Hidden Info and Lost Data
Text to Speech
Speakers:
Chema Alonso MVP Enterprise Security, CTO Inform·tica64
Jose Palazon "Palako" Yahoo!
In 2003 Tony Blair was "bytten" by a word document which its metadata demonstrated had been edited. Since that days a lot of advisories warning about to keep free of undesired data all published document shown up around the whole Internet... but times went by and people don't worry so much about this BIG problem. In this session you will see how analyzing all published documents in a website is possible to fingerprint a lot of (if not almost all) information about the internal network. This session will show you how to use FOCA tool to collect the files, gathering the information from ODF, MS Office, PDF/EPS/PS files, cross the information found with artificial intelligence rules and fingerprint big amount of info about the network structure, matching IP address with internal server names, printers, shared folders, ACLs...and to show how it can effectively be used by security consultants who traditionally could only offer source code fixes.
For more information visit: http://bit.ly/defcon17_information
To download the video visit: http://bit.ly/defcon17_videos
2011-01-14 07:34:12
source
Gloss