Breaking in to the Iron Fortress - How I hack IBM mainframes

Presented at CactusCon 12 (2024), Feb. 16, 2024, 10 a.m. (60 minutes).

It's been a while since there's been a mainframe talk, and yet the reliance on these machines continues to grow. This talk is about the tooling, the steps and methodology used to conduct a mainframe penetration test from start to finish. We'll talk about the scanning and the updates made to Nmap over the years and how to use them; we'll cover scanning SNA networks and ultimately demonstrate real-world examples of how to break into a mainframe. Once on the mainframe the real fun begins, and we'll walk through all the interesting new tooling that exists for system enumeration and privilege escalation, including SVC and zero-day buffer overflows. Once we're done with that, the talk will conclude with how we exfiltrate any sensitive data we find directly from the mainframe. All of this is done using open-source tooling that attendees will be able to put into practice so long as they can assemble from HLASM and run some REXX scripts.

Presenters:

  • Philip Young / Soldier of FORTRAN - Hacking the Gibson since 1993
    Philip Young, Director of Mainframe Penetration Testing Services at NetSPI, is an old-school hacker. He started out with an Amiga 500 and a modem and never looked back. Cutting his teeth on Datapac (the Canadian X.25 network), he eventually grew to searching the internet for interesting things. Later in his career he started taking a serious look at mainframe cybersecurity and realized how far behind mainframes had fallen when compared to more open systems (Windows/Linux). At that point he made it his life's mission to raise awareness and produce tooling to aid in the testing of these critical resources to help keep them safe. Since then he has given talks around the world at places like BlackHat, DEFCON and RSA, has taught multiple workshops and was even under investigation by the Swedish secret police. In addition, he has released countless open-source tools to pentest mainframes.
