Content

GCIH Gold Paper

Share

Well, it has been some time since it happened but I passed my GCIH Gold paper! Some readers may already know this already, but figured I’d at least throw out the lowdown.
Read the whole paper here.
I entitled the paper “Document Metadata, the Silent Killer…”. Ultimately the paper covers some traditional metadata found in jpeg images, Office documents, PDFs, and a few other interesting places. I talk at length about how to analyze, gather information and make reasonable assumptions about client/network/user configuration and possible attack vectors based on the information from metadata.
sm-farthog.jpgThis information can be beneficial to a penetration tester, as wall as an attacker. In the “perfect storm” we can take the information gathered to be able to deliver a spear fishing type of attack, with a high amount of confidence that the attack will be successful.
The paper also delves into some methods for limiting initial exposure, as well as how to prevent some of the exposure to begin with. I also talk about organizational policy, and some methods on how to introduce separation of duties to prevent accidental exposure.
The paper is fairly lengthy with quite a few examples. Through the course of the paper, I was actually instructed that the paper was too long, and covered too much. I’m of the opinion that it should be done right, so the original content stayed.
So, now you know why much of my technical content lately has been on metadata! Certainly the paper only covers the tip of the iceberg for metadata contents and file formats, but one has to start somewhere. Over the next few weeks the podcast and here on blog I’ll be covering some more metadata sanitization.
If you have any feedback, comments or sugestions, don’t hesitate to drop me a note at larry /at/ securityweekly.com
– L

Larry Pesce

Larry’s core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. Larry is also a Principal Instructor and Course Author for the SANS Institute for SEC617: Wireless Penetration Testing and Ethical Hacking and SEC556: IoT Penetration Testing. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.