Dormant DOMination

Explore advanced network attack techniques targeting air-gapped systems in this conference talk from BSidesSF 2017. Delve into the concept of "Dormant DOMination," which leverages browser technologies like WebRTC, Web-Workers, and XMLHttpRequest objects to plant JavaScript hooks that monitor network connectivity changes. Learn how these methods can be used to scan local subnets, identify available hosts, and detect listening ports, potentially compromising even air-gapped networks. Examine existing subnet discovery and scanning techniques, persistence methods, and the implications of using dormant JavaScript objects for periodic network scanning. Gain insights into the vulnerabilities of corporate devices connecting to public networks and the limitations of traditional host-health checks in detecting these sophisticated JavaScript-based threats.

BSidesSF 2017 - Dormant DOMination (xntrik)