A relatively small but also somewhat unknown type of botnets are automatically attacking web servers and joining them together into a classic C&C botnet. These bots are flawed by design and often use code from each other, thus the same types of flaws are consistent among almost all bots encountered. This presentation dives into finding these botnets, what the flaws in these bots are, how to exploit them, and a live demo.



Location: Sunday 10th November 2013 - 16:00 @ The Opera House - Wellington - New Zealand.



Bio:

Hans is a Security Consultant at Sense of Security and is an active part of the penetration testing team. He is an IT security specialist, independent researcher, and penetration tester.



Toolkit: https://github.com/Varbaek/alpha-toolkit

YouTube: http://www.youtube.com/playlist?list=PLIjb28IYMQgqWSjVFsSTT5QY_gPYoynxh

Vimeo: https://vimeo.com/channels/botnetsoftheweb

