SHARE 2016 Atlanta – Presentation – Mainframe exploits

This is a co-presentation I did with Brian Marshall and Mark Wilson.

My slides are the last few, where I demonstrate 3 distinct exploits on the mainframe.  First, off-the-shelf Java with Jboss.  Second, TN3270 SSL MITM (using SETn3270 – thx to @mainframed767) and then use the stolen creds in a mainframe Metasploit module to get a shell.   And third, the final stages of what was a malicious SMP/E payload – demonstrated by an IPL that has an already inserted malicious SMF exit module installed (IEFU29).

Hope you enjoy it! PS – The animated GIFs that show the actual demonstrations don’t work in the deck via slideshare, so I’ve posted them separately below.

02-ssl-creds-msf 02-java-jexboss