Questions tagged [exfiltration]

16 questions
9
votes
6 answers

A new programming paradigm (e.g., Rust) to reduce or end all zero-day vulnerabilities/exploits?

In view of the Hafnium and SolarWinds hacks, where multiple zero-day vulnerabilities were used to ultimately stage the hack and data exfiltration, would the use of memory safe programming languages such as Rust to build software help to reduce or end…
Nathan Aw
  • 1
  • 7
  • 12
8
votes
4 answers

Outbound proxy which whitelists by server certificate?

Short version: Are you aware of any proxy or firewall device which will permit outbound SSL connections to hosts with approved* SSL certificates only? Long version: Consider the following scenario. I have a server farm which is protected from the…
gowenfawr
  • 71,975
  • 17
  • 161
  • 198
6
votes
1 answer

What are the EFAIL "backchannels in email clients not related to HTML"?

The published examples for exploiting the EFAIL email encryption vulnerability all appear to use HTML to create a backchannel for exfiltrating decrypted data. However, the homepage of EFAIL, https://efail.de/ , claims: Short term: Disable HTML…
sleske
  • 1,622
  • 12
  • 22
4
votes
2 answers

How does releasing exfiltrated data increase the chances of an attacker getting caught?

I'm reading an article from the Institute for Applied Network Security (IANS) titled "Ransomware 2.0: What It Is and What To Do About It", and there's a piece I don't understand. The article requires a subscription, but here's the excerpt (emphasis…
pancake-house
  • 773
  • 1
  • 5
  • 13
4
votes
1 answer

Exfiltrate data by injecting functions in Excel 2007 file rendered with PHP

I need to extract data from inside an Excel file using Excel 2007 functions. The concept is somewhat related to stored XSS type of data exfiltration only that I need to use Excel 2007 functions (which I managed to inject in the file cells) in…
Lucian Nitescu
  • 1,802
  • 1
  • 13
  • 27
3
votes
1 answer

How to exfiltrate data over remote desktop

I sometimes come across systems that are segregated in a way I know to be flawed. The arrangement usually looks like this: There is a general IT environment, which follows best practice: patching, anti-virus, password policy, USB disabled, etc.…
paj28
  • 32,736
  • 8
  • 92
  • 130
3
votes
1 answer

What is a good metric for detecting data exfiltration on a covert channel?

Considering the scenario when the attacker is able to exfiltrate sensitive data from a compromised system to an external network or the Internet, but there are only limited ways to achieve this because the outbound connection is configured to not allow…
Pandora
  • 167
  • 5
2
votes
1 answer

Content Security Policy: postMessage into foreign iframe

Assume we have a webpage with sensitive data. The page uses a marketing partner advertisingpartner.com which collects data via third-party cookies in a foreign iframe. We have applied a relatively strict CSP: connect-src 'self'; frame-ancestors…
1
vote
1 answer

Can you exfiltrate data over a serial connection from the client?

When you manage some device over serial the connection is in general bidirectional. But usually the host manages the client by sending commands over the serial connection. Is there some easy way for some kind of reverse management? Can attackers…
1
vote
1 answer

How to prevent a virus from stealing data when I transfer files between offline and online computers?

Let's say I have one offline computer with some important data, and one online computer. Sometimes I need to move files from the offline computer to the online one. When I transfer those files, is there a risk that a virus would also transfer some…
GuessMe
  • 91
  • 5
1
vote
1 answer

Can malicious communication be hidden reasonably well in encrypted network traffic?

Given that a lot of websites now use TLS/https to encrypt all network traffic: If a client machine is compromised and does need to establish a back channel to a C&C-Server for additional instructions and data exfiltration, can it be successfully…
Tobi Nary
  • 14,302
  • 8
  • 43
  • 58
0
votes
2 answers

Check if I'm using a filtered network

I would like to know if the connection in my office is filtered, because I cannot access Facebook or YouTube but I can access Google with no problems, but with Tor I can access all the websites. I would like to know some details about the filtering…
geogeek
  • 113
  • 1
  • 5
0
votes
1 answer

How do RSA smartcards prevent key exfiltration?

Extracting private keys directly from the card is nearly impossible. With some acid package destruction and electron microscope work, a skilled team, and enough time, money, and luck you can in theory extract keys but it involves not only physical…
0
votes
1 answer

How Were FireEye's Tools Exfiltrated?

What was the mechanism for exfiltrating FireEye's redhat tools in the recent SolarWinds hack? I understand it was via HTTP (small packets to many servers)? Are there any further details? Is this a likely ongoing systemic threat or can it be…
Ryan
  • 173
  • 1
  • 4
0
votes
1 answer

XXE with OOB data exfiltration

SCENARIO: I successfully tried to send a request to the Burp Collaborator, then the application is vulnerable to SSRF through blind XXE. The payload I used is the following
Maicake
  • 497
  • 1
  • 3
  • 13