Josh Schwartz, executive of offensive security, and John Cramb, a senior offensive security engineer based in Australia, were fired by a senior Salesforce official via text message, according to sources usual with the matter.
The duo was said in a message, sent 30 minutes before the beginning of their talk, that if the show went ahead, they would be fired, it is demanded. Schwartz and Cramb didn’t see the text in time, gave their talk, and shortly after departing the stage, Schwartz validated they no longer worked at Salesforce.
The talk focused on an interior project called MEATPISTOL, which was defined as “a modular malware framework for implant production, industrial automation, and shell communication.” It’s related to the popular penetration-testing tool Metasploit; that MEATPISTOL is an anagram of Metasploit is no accident. The plan was to open-source MEATPISTOL, although this movement was resisted by bosses and lawyers at Salesforce notwithstanding being signed off earlier this year.
Schwartz and Cramb were members of the San Francisco business cloud company’s red team, an association of hackers concentrating in testing and strengthening network protection by finding and exploiting vulnerabilities. They had been operating on MEATPISTOL to help another red teamers do their job. Here’s a summary of the code and the exhibition from the DEF CON website:
Attention Red Teamers, Penetration Testers, and Offensive Security Operators aren’t the overhead of supporting attribution, turning up infrastructure, and ought to constantly re-write malware an entire pain and time sink!?! It was for us too, so we’re making that easy for good well, maybe for evil. Join us for the public unveiling and open source of our latest project, MEATPISTOL, a modular malware library for implant creation, industrial automation, and shell communication. This framework is intended to meet the needs of aggressive security operators requiring rapid configuration and production of long lived malware implants and associated command and command infrastructure. Say goodbye to reproducing janky one-off malware and say hello to making upon a framework intended to support efficient Yolo scoped adversarial attacks against capable targets.
Within moments of giving their talk at 5 pm on Friday, July 28, Schwartz tweeted that he and Cramb had exited Salesforce. He later withdrew the tweet after stress from managers. Cramb later tweeted to say they “both care strongly about MEATPISTOL being open sourced and are currently working to accomplish this.”
Take your time to comment on this article.
