WSUSpendu - How to Hang WSUS Clients

Discover a novel approach to circumventing Windows Server Update Services (WSUS) limitations in this Black Hat conference talk. Learn how to control targeted networks from a compromised WSUS server and explore potential air gap attack strategies for disconnected networks. Delve into the classical attack scenario, chair model, and various devices affected. Understand the mechanics, limitations, and summary of the attack method. Explore data insertion techniques, stored procedures, and proof of concept demonstrations. Gain insights into attack automation, metadata manipulation, and Microsoft's proposed solutions. Examine injection methods, data verification, and export processes. Learn how to protect your systems by following Microsoft's recommendations and controlling array relationships. Investigate metadata signing for disconnected networks and participate in a Q&A session to further your understanding of this critical cybersecurity topic.

Introduction
Classical Attack Scenario
Chair Model
Other Devices
How it works
Limitations
Summary
Inserting Data
Second Try
Stored Procedures
Proof of Concept
Automating Attack
Metadata
Microsoft Solution
Injection
Verify
Export
Data
Victim Check
How to Protect Yourself
Listen to Microsoft
Control Array Relationship
Disconnected Networks
Metadata Signing
Conclusion
Questions