The Pageantry of Lateral Movement
Stuart Morgan, 1 Feb 2016
Download the presentation here.
To meaningfully compromise a client, you need to take advantage of every opportunity to gather information and move laterally around the network. This talk discussed ways of abusing Pageant (PuTTY’s SSH agent) on a fully patched Windows host. It included a demonstration of a meterpreter extension that can tunnel SSH agent traffic in a manner that is almost undetectable with default logging options, and described how an existing reconnaissance tool from 2012 was improved to make its output easier to use during a simulated attack or penetration test.