Mainframe [z/OS] Reverse Engineering and Exploit Development

Presented at Black Hat USA 2018, Aug. 9, 2018, 3:50 p.m. (50 minutes).

Speak with any Fortune 500 running mainframe and they'll tell you two things: (1) without their mainframes they'd be out of business (2) they do not conduct any security research on them, let alone vulnerability scans. The most infuriating part is that mainframes are simply computers, they're different from what you're used to, but that doesn't mean they can't be hacked. Previous talks about this topic have covered the platform from a high level, imploring you to do the basics. This talk continues this series of talks, given by others, around mainframe hacking. Previously covered topics included network penetration testing and privilege escalation. To complement those talks, this talk will expose attendees to the various tools that exist on the platform to help you do your own reverse engineering, followed by detailed steps on how to start your own exploit development. Attendees will learn what debuggers are available on the platform, such as dbx and ASMIDF, as well as the challenges you'll have using them. After learning how to RE, attendees will then learn how to develop their own exploits and buffer overflows on the platform using C, assembler and JCL. A demo program will be used to teach all these items so people can follow along. Topics included in this discussion are APF authorization, bypassing RACF/ACEE, TSO, Unix System Services.


Presenters:

  • Chad Rikansrud / Bigendian Smalls - Director, N. American Operations, RSM Partners   as Chad Rikansrud
    Chad Rikansrud is the Director of North American Operations for RSM Partners (www.rsmpartners.com) - a world leader in IBM mainframe security consulting services. Chad is an award-winning speaker, with appearances at: DEF CON, RSA, SHARE, DerbyCon, and other local conferences. Most of Chad's 20-year career has been in technology leadership for the financial services industry where he has held various senior leadership positions, including worldwide datacenter operations, infrastructure and recovery responsibility, as well as enterprise-wide system z storage. His current role has taken him back to his hacker roots, in which he gets to literally hack the Gibson for a living - performing mainframe security assessments, exploit development, and penetration tests for some of the world's largest organizations.

Links:

Similar Presentations: