Playing hide and seek in Java land
2024-09-12, Main hall

A comparison between conventional and supply chain attack patterns in Java.

In this talk, we introduce new Java post-exploitation tools while exploring the possibilities and challenges in performing dropping, command & control, persistence, privilege escalation, secret stealing, and lateral movement inside a Java environment.

This talk compares the steps of conventional RCE exploitation in Java with supply chain-based attacks. Using a combination of known but underutilized attack techniques, the "living off the Java land" attack path challenges assumptions about how attackers may behave to avoid detection after gaining a foothold in a Java process. This talk also explains detection points that a defender can monitor to increase their threat detection capabilities.

Christoffer (Kugg) is a freelance security consultant and frequent participant in the security community. Swedish podcast listeners may have heard him on the podcast säkerhetssnack. You can find some of his latest research nuggets on his company blog.

Security researcher.