We Hacked the Gibson! Now what?

Presented at BSidesLV 2014, Aug. 6, 2014, 5 p.m. (60 minutes).

IBM has been touting the security of the mainframe for over 30 years. So much so, that the cult of mainframers believes that the platform is impenetrable. Just try showing how your new attack vector works and you'll be met with 101 reasons why it wouldn't work (until you prove them wrong of course). This talk will take direct aim at the cultist! Previous talks about mainframe security only got you to the front door. Leaving many asking 'great, I got a userid/password, now what?!'. That's what this talk is about: the ‘Now what'. You'll learn a few new techniques to penetrate the mainframe (without a userid/password) and then a bunch of attacks, tricks and mischief you can do to further maintain that access, find important files and really go after the mainframe. During this very Demo Heavy talk you'll learn how to take advantage of APF files, SSL key management, cgi-bin in TYooL 2014, what NJE is and why it's bad, why REXX and SETUID are dangerous and how simple backdoors still work (and will likely go undetected).


Presenters:

  • Philip Young / Soldier of FORTRAN - Supreme Commander - Zed Security   as Soldier of FORTRAN
    Soldier of Fortran is a mainframe hacker. Being a hacker from way back in the day (BBS and X.25 networks) he was always enamored by the idea of hacking mainframes. Always too expensive and mysterious he settled on hacking windows and linux machines, until 2010 when he finally got his very own. Not worrying about system uptime he dove in head first and was surprised by what he found. He's spoken both domestically (DEFCON, BlackHat) and internationally on the topic, developed tools for mainframe penetration testing and has even keynoted a large mainframe conferences on this topic.

Links:

Similar Presentations: