One Compromise to Rule Them All

Presented at BSidesLV 2016, Aug. 3, 2016, 6 p.m. (60 minutes)

Welcome to the new age where technologies like DC/OS, Mesos, and Marathon will abstract your entire datacenter into a single logical computer, but what happens when a single application or service within your datacenter's OS inevitably gets compromised? Join us as we explore how a single compromise can enable an attacker to expand access by exploiting many of the technologies supporting a container-centric datacenter, including ZooKeeper, Marathon, Chronos, Mesos, Docker, and HAProxy. New modules will be released for EmPyre, which will enable penetration testers and red teams to more efficiently identify and exploit vulnerabilities within these technologies. Expertise in these technologies is not required since this presentation will cover briefly what you need to know about each service before highlighting how they can be manipulated by an attacker. The information presented is designed to be useful for both Offensive (Red Team) & Defensive (Blue Team) members.

Presenters:

  • Scott Pack
  • Bryce Kunz - Red Team for the Marketing Cloud - Adobe
    Bryce Kunz (a.k.a. @TweekFawkes) is an Information Security Researcher located in Salt Lake City, Utah. Bryce currently leads the security testing of Adobe's marketing cloud SaaS infrastructure via researching and developing custom exploits for web applications and other cloud-based technologies. As a security professional, Bryce has spent time at various agencies (i.e. NSA, DoD, DHS, CBP) focusing on vulnerability research, penetration testing, and incident response. Bryce received an MBA from an NSA designated "Center of Excellence" Idaho State University (ISU) program with an emphasis in Information Assurance (IA) on a full academic scholarship from the National Science Foundation (NSF). Bryce holds numerous certifications (e.g. OSCP, CISSP, ...) and has spoken at various security conferences (i.e. BsidesSLC, DerbyCon, etc.).
