All aboard the USS Exploits

Using UNIX System Services to escalate your privileges on z/OS (Pt. #1 of 2) Much has been written about privilege escalation on z/OS, using tried and true methods of abusing UPDATE access to APF-authorized libraries. Suffice to say when the code has made its way to Metasploit, the jig is up. The purpose of this post… Continue reading All aboard the USS Exploits

Learn to hack?

I was asked about sites that help people learn to hack, and/or present hackable applications, virtual machines and websites. The kind people over at twitter were helpful enough to post their favorites. Here is a consolidated list as well as a link to the tweet, lots of other good suggestions in there too. http://overthewire.org/wargames/ http://overthewire.org/wargames/… Continue reading Learn to hack?

Blackhat 2018

Here are my slides (as video) from blackhat 2018 talk. **Note there is no audio – runtime is about 11:40 Mainframe-[zOS]-Reverse-Engineering-and-Exploit-Development

Destination: blackhat 2018

Well – I’m pretty excited about this! blackhat 2018 Briefing – MAINFRAME [Z/OS] REVERSE ENGINEERING AND EXPLOIT DEVELOPMENT

CA World 2017

If you’re going to #CAWORLD 2017 – Come see my Tech Talk, “Pervasive Encryption – Speed Round” to hear the basics & practicalities of IBM’s new Dataset Encryption.