Find Out What We’ve Got Lined Up for #MVS2021

Our full agenda is available for you to view. Every presentation will also feature a Q&A and Discord activity — so be sure to join us live to get the most out of every session.

VIEW BELOW

MVS21 AGENDA

Discover What You’ll Learn at MVS2021

RESULTS:

May

19

TYPE

Lecture

THEME

Corporate Investigations

TIME

12:00 SGT

Hunting and Investigating malicious web shells with Magnet AXIOM

Jordan Hunt

In this Lecture:

A malicious web shell is a script that can be uploaded to a web server to enable remote administration of the infected host machine. A web shell can be written in any language supported by the host web server, the case study in this presentation was written in ASP. Using network reconnaissance tools, a threat actor can identify vulnerabilities to exploited on the target machine resulting in the successful installation of a web shell. In this case study multiple vulnerabilities existed in the Content Management Systems (CMS), once blank.aspx was successfully uploaded, the threat actor used the web shell to leverage other exploitation techniques to escalate privileges and to issue commands remotely. These commands were related to the privilege and functionality available to the web server and included the ability to add, delete and execute files as well as the ability to run PowerShell commands to overwrite file system timestamps in an attempt to evade detection.

During this session we will look at ways to automate the identification of malicious web shells on an infected machine. Associating the PowerShell commands and other malicious files to ensure a full understanding of the impacted data, while ensuring the complete eradication of the threat. This presentation involves a real life case study where a malicious web shell was collecting passwords and credit card details from a ecommerce site, along with research on the web shell post engagement.

Expand

REGISTER NOW
Date Details Speaker Session Type Content Theme Timezone

May

19

Hunting and Investigating malicious web shells with Magnet AXIOM

Jordan Hunt

Lecture

Corporate Investigations

12:00 SGT

In this Lecture:

A malicious web shell is a script that can be uploaded to a web server to enable remote administration of the infected host machine. A web shell can be written in any language supported by the host web server, the case study in this presentation was written in ASP. Using network reconnaissance tools, a threat actor can identify vulnerabilities to exploited on the target machine resulting in the successful installation of a web shell. In this case study multiple vulnerabilities existed in the Content Management Systems (CMS), once blank.aspx was successfully uploaded, the threat actor used the web shell to leverage other exploitation techniques to escalate privileges and to issue commands remotely. These commands were related to the privilege and functionality available to the web server and included the ability to add, delete and execute files as well as the ability to run PowerShell commands to overwrite file system timestamps in an attempt to evade detection.

During this session we will look at ways to automate the identification of malicious web shells on an infected machine. Associating the PowerShell commands and other malicious files to ensure a full understanding of the impacted data, while ensuring the complete eradication of the threat. This presentation involves a real life case study where a malicious web shell was collecting passwords and credit card details from a ecommerce site, along with research on the web shell post engagement.

Expand

REGISTER NOW
SELECT AND REGISTER FOR SESSIONS

Note: Once you’ve registered for MVS21, you will be able to manage all your events via your MVS21 event hub.

#MVS21 #MVS21

MVS MERCH

Get YOUR SUMMIT ON

We’re offering exclusive merch to help you get in the spirit of MVS! Check out what apparel we have available and remember that all profits go to Child Rescue Coalition.

Use code MVS2021 at checkout for 10% off!

BROWSE MERCH