PeopleSoft: Hack The Planet's Universities

Presented at DeepSec 2017 „Science First!“, Unknown date/time (Unknown duration)

The PeopleSoft Campus Solutions is used in more than 1000 universities worldwide. In this presentation we will show how to use several vulnerabilities to gain access to the entire information system of the University. And it means grade fraud, sabotage, access to student information, access to credit cards, bills, payment plans, fees, etc. In this presentation, we'll look at the architecture of peoplesoft products, its strengths and weaknesses. We show attack surface, and demonstrate a practical attack on the system. We also prove how one vulnerability affects a whole family of products, Oracle PeopleSoft, not just PeopleSoft Campus Solutions.

Presenters:

• Dmitry Yudin - https://erpscan.com
  Dmitry Yudin is a security researcher at ERPScan. Exploit developer, bug hunter, Linux fan.

Links:

• https://deepsec.net/archive/2017.deepsec.net/speaker.html#PSLOT297

Similar Presentations:

• May Contain Hackers (MCH2022) / Around the world in 80 networks, Hacking Universities Worldwide. ( ...lessons learned at age 15. )
• THOTCON 0x8 (2017) / University Privacy: How to Doxx 60,000 Students