Gone in 60 minutes - Practical Approach to Hacking an Enterprise with Yasuo

Presented at ToorCon San Diego 16 (2014), Oct. 25, 2014, 6 p.m. (50 minutes)

This talk is going to be centered around Yasuo, an open-source vulnerable application scanner written purely in Ruby, that we will be releasing at the conference. If you search through Exploit-db, there are over 10,000 remotely exploitable vulnerabilities that exist in tons of web applications and could allow an attacker to completely compromise the back-end server. These vulnerabilities range from RCE to malicious file uploads to SQL injection to LFI and so on. We often talk about exploiting JBoss jmx-console and Apache Tomcat Manager, but that’s just scratching the surface. A random wise man once said - “It’s not about what, it’s about where”. With all the modern network protections these days, a smart hacker, good or bad, is always looking for that one IP, one port, one application that could be exploited to penetrate through the network. Yasuo is built to quickly scan the network for such vulnerable applications, thus serving pwnable targets on a silver platter. During this talk, we will elaborate on the development of Yasuo, the problem, the challenges and how it can be effective in hacking an organization in a real-world scenario.


Presenters:

  • Stephen Hall
    Stephen works as a security consultant at Security Compass. He has about three years of experience in the infosec domain, during which he has worked on various challenging client engagements in industries such as financial, energy, healthcare, and technology. He has developed and released smaller CTF-style challenges geared towards helping beginners learn the trade of hacking. He is often found wearing a Christmas hat at work.
  • Saurabh Harit
    Saurabh has a bachelor’s degree in Electronics & Telecommunications and works at Security Compass as Director of Security Research. During his industry experience of over 10 years, Saurabh has worked across diversified industry verticals such as Banking, Aerospace, Building solutions, Process and Control Systems and has developed expertise in various aspects of information security. Saurabh specializes in web application & network security, with a secret crush on binary reverse engineering. He has contributed towards proof-of-concept exploits and white papers in the infosec domain as well as delivered security trainings to various Fortune 500 clients globally and at reputed security conferences such as CanSecWest and Black Hat.
