11-09, 10:30–10:55 (US/Pacific), Red Day
The year is 2019. Mainframes rule the world. They've ruled the world since the 1960s, but i bet you can't even name a single vuln or exploit. This talk aims to change that by presenting current and cutting edge research in to mainframe (specifically the big boy itself z/OS) attacks. New techniques and tools will be released.
- Intro/About me (2 mins)
- Mainframes and z/OS (5 mins)
-
- TSO
-
- JCL
-
- JAVA/C
-
- RACF
-
- Memory
-
- SMF
- Current research (3 minutes)
-
- Talks about updates and changes to z/OS and current attacks
-
- Discusses who is researching what
- Using JAVA to hunt vulns on the mainframe
- Privesc with JAVA (10 minutes)
-
- JAVA on z/OS is homebrew IBM
-
- The RACF interfaces for JAVA
-
- How to take advantage of them
- How to Catch Me (4 minutes)
-
- What does blue team need to catch me
- Outro (1 min)
Philip Young, aka Soldier of FORTRAN, is a leading expert in all things mainframe hacking. Having spoken and taught at conferences around the world, including DEFCON, RSA, BlackHat and keynoting at both SHARE and GSE Europe, he has established himself as the thought leader in mainframe penetration testing. Since 2013 Philip has released tools to aid in the testing of mainframe security and contributed to multiple opensource projects including Nmap, allowing those with little mainframe capabilities the chance to test their mainframes. In addition to speaking, he has built mainframe security programs for multiple Fortune 100 organizations starting from the ground up to creating a repeatable testing program using both vendor and public toolsets. His hope is that through raising awareness about mainframe security more organizations will take their risk profile seriously.