“GIFShell” — Covert Attack Chain and C2 Utilizing Microsoft Teams GIFs

0
33

“GIFShell” — Covert Attack Chain and C2 Utilizing Microsoft Teams GIFs

Table of Contents

Introduction

Insecure Design Elements/Vulnerabilities

“GIFShell” Walkthrough

Suggested Mitigations For Vendors

Replication Steps

References

Introduction:

*All GIFs contained within this post can be watched in HD for clearer viewing, Medium unfortunately does not allow this to be set by default*

GIFShell POC — https://gfycat.com/ifr/shorttermbrownindigobunting?controls=0&speed=2&hd=1

Architectural …

Read More