PeopleSoft: Hack The Planet's Universities

Presented at DeepSec 2017 „Science First!“, Unknown date/time (Unknown duration).

The PeopleSoft Campus Solutions is used in more than 1000 universities worldwide. In this presentation we will show how to use several vulnerabilities to gain access to the entire information system of the University. And it means grade fraud, sabotage, access to student information, access to credit cards, bills, payment plans, fees, etc. In this presentation, we'll look at the architecture of peoplesoft products, its strengths and weaknesses. We show attack surface, and demonstrate a practical attack on the system. We also prove how one vulnerability affects a whole family of products, Oracle PeopleSoft, not just PeopleSoft Campus Solutions.


Presenters:

  • Dmitry Yudin - https://erpscan.com
    Dmitry Yudin is a security researcher at ERPScan. Exploit developer, bug hunter, Linux fan.

Links:

Similar Presentations: