- 16 Nov
In this talk, we'll share our experience of donning the dual roles of external pentesters and playful "Ransomware Overlords". Our tales will highlight the professional aspects of our engagement. We will also recount part of our adventures to debunk the notion that all web and external infrastructure pentests are boring, and to show that, even amid stringent security hardening measures and limited port access, pentested networks and web applications sometimes provide an easy entry for ransomware gang operators, because Internet-exposed web servers have latent vulnerabilities hidden within their web applications.
Our stories will demonstrate how unexpected entry points can be abused by ransomware mischief-makers, not just for an initial foothold but also for lateral movement within and across the network. We'll take you through our journey of employing simple tools and techniques while skillfully evading the watchful eyes of endpoint security. We will showcase how a crafty attacker could exploit these safeguards by leveraging methods such as pivoting and network tunneling, ensuring persistence beyond the initial breach.