Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, September 9 • 18:45 - 19:44
Stegosploit - Drive-by Browser Exploits using only Images

Sign up or log in to save this to your schedule and see who's attending!

"A good exploit is one that is delivered with style".

Stegosploit creates a new way to encode "drive-by" browser exploits and deliver them through image files. These payloads are undetectable using current means. This paper discusses two broad underlying techniques used for image based exploit delivery - Steganography and Polyglots. Drive-by browser exploits are steganographically encoded into JPG and PNG images. The resultant image file is fused with HTML and Javascript decoder code, turning it into an HTML+Image polyglot. The polyglot looks and feels like an image, but is decoded and triggered in a victim's browser when loaded.

Speakers
avatar for Saumil Shah

Saumil Shah

Saumil Shah is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker and instructor, having regularly presented at conferences like 44CON, Blackhat, RSA, CanSecWest, PacSec, EUSecWest, Hack.lu, Hack-in-the-box and others. He has authored two books titled “Web Hacking: Attacks and Defense” and “The Anti-Virus... Read More →


Wednesday September 9, 2015 18:45 - 19:44
Track 1

Attendees (30)