Month: April 2017

Metasploit, now with Privilege Escalation!

Update: The PR was accepted. Update your Metasploit installation and have a look!

Version 1 of an APF privilege escalation (Requires Creds) of a metasploit module has been submitted for inclusion. This version has no bells or whistles.

You can view it here:

PR# 8228 z/OS Privesc via authorized APF library write access

Posted on April 11, 2017April 15, 2017Categories Exploit Development, Mainframe, Security

SP4RKCON 2017 – Hacking mainframes for CICS and giggles

Here’s the presentation I gave at sp4rkcon:

Hacking mainframe for CICS and giggles

(PPTX ~43mb)

Posted on April 2, 2017April 2, 2017Categories Exploit Development, Mainframe, Security