Hackers of India

Continuous Intrusion: Why CI Tools Are an Attacker’s Best Friends.

By  Nikhil Mittal  on 19 Nov 2015 @ Deepsec


Presentation Material

Abstract

Continuous Integration (CI) tools provide excellent attack surfaces due to no/poor security controls, the distributed build management capability and the level of access/privileges in an enterprise.

This talk looks at the CI tools from an attacker’s perspective, using them as portals to get a foothold and for lateral movement. We will show how to execute attacks like command and script execution, credentials stealing and privilege escalation; how to not only compromise the build process but the underlying Operating System and even entire Windows domains. No memory corruption bugs will be exploited and only the features of the CI tools will be used.

Popular CI tools, open source as well as proprietary, will be the targets. The talk will be full of live demonstrations.