This is a co-presentation I did with Brian Marshall and Mark Wilson.
My slides are the last few, where I demonstrate 3 distinct exploits on the mainframe. First, off-the-shelf Java with Jboss. Second, TN3270 SSL MITM (using SETn3270 – thx to @mainframed767) and then use the stolen creds in a mainframe Metasploit module to get a shell. And third, the final stages of what was a malicious SMP/E payload – demonstrated by an IPL that has an already inserted malicious SMF exit module installed (IEFU29).
Hope you enjoy it! PS – The animated GIFs that show the actual demonstrations don’t work in the deck via slideshare, so I’ve posted them separately below.
