Cyber Security Consultant at EY (Greece)
Nikolaos (Nikos) Vourdas is a "Young Padawan" and Cyber Security Consultant based in Greece. He has a dream that one day will become a "Jedi Master". Nikos studied at University of Western Macedonia (Kozani, Greece) as a Informatics Telecommunication Engineer. He holds OSCP and OSWP certifications. His prior working experience includes the Cyber security Directorate department of the Greek National Defense. From the age of 18, Nikos participates in Bsides Athens and Bsides Cyprus as a CTF organizer. He loves open source but one day Microsoft's Active Directory "stole" his heart... He evolves to Web Application, Internals, Externals Infrastructure Penetration Tests and Source Code Reviews. You can call him "nickvourd" or "ncv". His favorite phrase/slogan is "Last but not least, It is what it is, boyz!".
14:00 - 14:45
21 May 2022 - 09:00 BSides Tirana 2022 - Schedule
Introduction to COM Hijacking
During long term adversary simulations engagements, host persistence is an useful method of regaining access to a compromised workstation or server, without having to exploit the initial foothold all over again. COM object hijacking is an unique technique in which a default system-wide COM Object can be replaced by a malicious software and load in its place. In this presentation we will explore together ways to implement COM Hijacking via CLSID, ProgID, Task Scheduler, Missing Libraries and others.