Nick Dunn, IOActive Senior Security Consultant, will be presenting at this year’s BSides Umeå, taking place June 16 – 17, in Umeå, Sweden. Nick’s talk, “A Stealth and Safety Issue – Exfiltration using ‘data bouncing,’” focuses on the concept of “data bouncing” via a third-party web server. You can check out the abstract below!
ABOUT THE EVENT:
The third BSides Conference in Umeå, Sweden will take place June 16th to 17th. It is a community conference on IT security and related fields, part of the global BSides community, and is arranged by the Academic Computer Club in Umeå.
TALK ABSTRACT:
The concept of “data bouncing” via a third-party web server provides an extremely stealthy method of bypassing traditional network safeguards. By directing web requests to certain domains that process hostnames in headers, you can relay small pieces of data to your DNS listener, allowing you to collect and reconstruct data, in the form of strings, files, or any other type of data.
The recent discovery of this technique has received minimal publicity, which seems to be partly attributable to the unfamiliar use of familiar services, and partly to a lack of easy-to-use tooling. This talk aims to rectify both of these by providing a clear explanation of the concept and presenting a new tool to allow the exfiltration to be carried out easily.
