Presented at
Black Hat Europe 2019,
Dec. 4, 2019, 2:30 p.m.
(50 minutes)
<p><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">Java Remote Method Invocation (RMI) and Common Object Request Broker Architecture (CORBA) are widely deployed mechanisms for cross-process communications. In this talk, we will walk through the technical workflow of the technologies, revealing several critical flaws under the hood and showing how vendors are failing at securing their implementations of them.</span></p><p><span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">There are a number of previous works on the subject but we believe they have yet to capture the extend of their exploitability. We will disclose known, not widely known, and unknown exploitation techniques with overlooked 1-days and 0-days to present fruitful attack surfaces on the protocols' implementation. This will be demonstrated via a number of pre-authentication, remote Code Execution exploits on products of some of the biggest vendors out there.</span></p>
Presenters:
-
An Trinh
- Reseacher, Viettel Cyber Security
<span style="font-size: 10pt;" data-mce-style="font-size: 10pt;">An Trinh is enthusiastic about offensive security and has been self-teaching pentest/redteam for many years. While not on engagements, he invests in discovering and developing exploit chains, especially server-side. In the past, An reported Remote Code Execution vulnerabilities in some large corporations such as Mastercard, SWIFT, Deutsche Telekom and in products of vendors like Oracle, VMWare, Dell. <span style="background-color: initial;" data-mce-style="background-color: initial;">Twitter: @_tint0</span></span>
Links:
Similar Presentations: