Friday, October 28 • 11:30 - 12:30
Hacking KPN: Lessons from the trenches


This talk will dive into three very different but equally interesting vulnerabilities, from the perspective of the in-house penetration testing done by the KPN (Royal Dutch Telecom) REDteam. We will not only go into the technical details of the vulnerabilities, but also share some tips and tricks on how we handle things like reporting, emotional counselling of internal stakeholders, browbeating vendors, etc.

One vulnerability will demonstrate how pervasive the relatively recently announced Java Deserialisation vulnerability is (even among a big enterprise cloud player who should know better). This will show an interesting example of where the Java Deserialisation vulnerability can show up and we will also release an update to a tool to detect this variation. We will guide you through the process of discovery and exploitation via an enterprise mobile app that was completely unexpected.
Another vulnerability (disclosed to the vendor, but not yet publicly released) will demonstrate how simple it sometimes is to bypass or abuse "enterprise grade" solutions, in this case a security device for mobility management/single sign-on. Some of you might also be suffering through vulnerability disclosures and because pain shared is pain divided, we'll go into how the KPN-CERT has tried to deal with this vulnerability disclosure.
The last vulnerability will demonstrate the finer points of reverse engineering crypto out of a custom in-house developed binary with a surprising KISS lesson learned weeks after testing was complete. You can expect to see ImmunityDebugger at work here with useful tips and tricks for getting to the core of crypto functionality and then extracting it out for fun and profit (ok, maybe not profit).
Some company and product names have been censored to protect the guilty ;-)


Jeremy Goldstein

Jeremy is the team lead of the KPN (Royal Dutch Telecom) REDteam based in Amsterdam, The Netherlands. He has over 10 years' experience in penetration testing and has also spent plenty of time doing incident response and some threat intel. Jeremy enjoys coding and almost anything sufficiently technical... even though he's a team lead. Prior to joining KPN, Jeremy helped build and run a successful penetration testing, incident response and threat...

Bouke van Laethem

Bouke has been (legally) breaking stuff (or rather, finding stuff that's broken) since 2007. Fittingly equipped with a master's in Ancient History, he has been throwing himself at IT security armed with two of the most dangerous questions: "surely this won't work?" and "what does this button do?"

Friday October 28, 2016 11:30 - 12:30
01. Westvleteren University
