Here’s a teaser on the talk I’m giving at Derbycon 5.0. Mainframe Pentesting / Security. No more excuses.
This is an addendum to the last post. Here is shellcode (and it’s stripped down source) that achieve the same goal as the prior post. The difference is the payload is XOR encoded and the shellcode, and it’s source, have a built in decoder stub that decodes the payload in memory then jumps to… Continue reading Bind Shell – shellcode and source
Key in any basic toolset for pentesting the mainframe platform is a selection of payloads that can be used to test vulnerabilities. Below is a bind shell payload, written from scratch in mainframe assembler. The shell can be connected to using netcat. The payload differs from its Intel counterparts, in that it contains its own EBCDIC to ASCII… Continue reading Mainframe Bind Shell – Source Code
Rocket Software (@rocket on twitter, links below) has a great set of ported tools for System Z. One of them is Python 2.7.6 Python is in ever penetration tester’s toolkit, and one of my favorite uses for it is to get a “clean” shell once you have gotten connectivity to a system. Mainframe is… Continue reading Python shells on Z & a Patch to Ported Tools
If you are interested (and why wouldn’t you be?) Here are is a link to the presentation posted below, given by myself and Soldier of Fortran (@mainframed767) at this year’s DEF CON23. Enjoy! The link to all the tools and code in the presentation can be found here. Security necromancy – Further adventures in… Continue reading DEF CON 23 – Slides & Code
Here are links to the git repositories for code used during my DEF CON talk. DEF CON 23 code
Creating shellcode on System Z (Mainframe) Unix System Services (USS) employs the same disciplines required for the same activities on Intel platforms. The difference lies in the syntax, assembler mnemonics, tools available, and debugging utilities. There are certainly other ways to achieve this, and I’m still refining my favorites. The below is one of my… Continue reading Building shellcode, egghunters and decoders.