data exfiltration over SSL with srvdir

Every now and then I come across some application that may or may not have been developed with penetration testing in mind but it ends up being damn helpful all the same. Yesterday I found a post about ‘srvdir‘ (surv~durr?) which is designed to share content over SSL/TLS via a public site.

When trying to exfiltrate data from a client site I normally spend a lot of time setting up tunnels, using disposable A records from afraid.org and one of my boxes in some east-european cave just so I can get the damn ‘payroll-summary-june-2014.pdf’ trophy off some box that is swimming in ssh-tunnel-fu. srvdir is the perfect answer to this problem and testing it has been awesome and full of those “Why didn’t I think of this?!!” rants.

Essentially, what srvdir does is to create a SSL tunnel to the mothership ‘srvdir.net’ and issue a subdomain that can be accessed externally to siphon the files off. Grabbing files is relatively painless with the odd 404 for the permission snobs. … read more

in the realm of the hackers

In The Realm of the Hackers is a 2003 Australian documentary directed by Kevin Anderson about the prominent hacker community, centered in Melbourne, Australia in the late 80’s to early 1990. The storyline is centered around the Australian teenagers going by the hacker names “Electron” and “Phoenix”, who were members of an elite computer hacking group called The Realm and hacked into some of the most secure computer networks in the world, including those of the US Naval Research Laboratory, Lawrence Livermore National Laboratory, a government lab charged with the security of the US nuclear stockpile, and NASA.

Kudos to Fuzzy for the link!