OpenBSD remote Exploit and another IPv6 vulnerabilities

Presented at DEF CON 15 (2007), Aug. 3, 2007, 1 p.m. (50 minutes)

OpenBSD is regarded as a very secure Operating System. This article details one of the few remote exploit against this system. A kernel shellcode is described, that disables the protections of the OS and installs a user-mode process. Several other possible techniques of exploitation are described. Several other ipv6-related vulnerabilities are described and disclosed.

Presenters:

• Alfredo Ortega - Core Security
  Alfredo Ortega: Born at Esquel, Chubut, Argentina on 1978. Worked on lowly security related works (Mostly cracking) since 2000. Majored in Computer Science in Universidad de la Patagonia San Juan Bosco on 2003 PhD student at ITBA (Instituto Tecnologico de Buenos Aires) Actually working as Exploit Writer for Core Security.

Links:

• https://defcon.org/html/defcon-15/dc-15-speakers.html#Ortega
• https://infocon.org/cons/DEF CON/DEF CON 15/DEF CON 15 video/DEF CON 15 - Alfred Ortega - OpenBSD - Remote Exploit and Another IPv6 Vulns - Video.mp4
• https://www.youtube.com/watch?v=pepxCT6UG2A

Similar Presentations:

• BSides Austin 2017 / OpenBSD and the security diaspora
• DeepSec 2014 „Do you want to know more?“ / IPv6 Attacks and Defenses - A Hands-on Workshop
• DeepSec 2015 „DeepSec No. 9“ / Pentesting and Securing IPv6 Networks (closed)