By Nick Landers
This talk will discuss the methodology, selection process, and challenges of modern C2. It will cover the details of recent HTTP/S advancements and tooling for new cloud service primitives such as SQS, AppSpot, S3, and CloudFront. We will demonstrate how trust can be abused for stealthy C2 techniques via internal mail servers, defensive platforms, and trusted domains. We will also cover the various options for domain takeover, and release tooling for exploiting domain takeover scenarios in Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP).
Full Abstract & Presentation Slides: https://www.blackhat.com/us-19/briefings/schedule/index.html#flying-a-false-flag-advanced-c-trust-conflicts-and-domain-takeover-15254