It’s taken me a couple of days to recover from Carolina Con. I knew it was going to be a riot with all the alcohol in walking distance. Now that I have my equilibrium I can post my presentation on Layer 7 attacks. My laptop and the projector weren’t working well together so I had to borrow Nick Fury’s laptop which didn’t have all the tools I needed for the presentation, so I wasn’t able to present the second half of my talk. I’m hoping this video will compensate. Keep in mind that my total presentation was going to include this video (scenario 1, cross site texting) and my previous video post of analyzing cookies (scenario 2). One thing you won’t see in this screen cast is that during the presentation I used a volunteer from the audience to prove that an attacker could text himself the username and password of an unsuspecting victim. Luckily apples from the HTS crew let me spam his phone with my demo and all he got was a t-shirt, a kick ass Carolina Con t-shirt that is. Well I had a great time and I’ll definitely make it back next year. As always I would love to hear your comments and feedback.

travis:~$ cat BigUpsMuchRespect

1. nc2600
2. txs
3. wxs
4. Deral Heiland
5. Sahba & Dan @ Security Compass

This entry was posted on Wednesday, April 9th, 2008 at 9:05 am and is filed under SMS, XSS, video. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.