Mass Owning of Seedboxes - A Live Hacking Exhibition (DEF CON 31) - InfoconDB
Mass Owning of Seedboxes - A Live Hacking Exhibition (DEF CON 31) - InfoconDB
"No one hacks at DEFCON any more." is what I've heard. That is, until now. Seedboxes/seedhosts are used by thousands of pirates to download and distribute Movies/TV/Music via USENET and Torrents. The thing is, these systems are horribly insecure. Like, they are wide open. In this talk, I am going to...
I can't find any vods of the event so far, and there are no slides either. Would have been an interesting watch.
Just port scan, attack, 0wn, extract credentials, download all content, obtain other users' credentials, etc.
Looks like they used censys.io to find "open" seedboxes. I bet a lot of these providers use TCP sockets for internal communications so its no surprise there, when you can just request access, and it gives you it.
I heard this year's DEFCON closed early due to a bomb threat. Hopefully no talks were affected, I always look forward to them coming out.