Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Attacking Nextgen Firewalls

WEareTROOPERS via YouTube

Overview

Explore advanced techniques for attacking next-generation firewalls in this 57-minute conference talk. Dive deep into the architecture and vulnerabilities of Palo Alto Networks firewalls, covering topics such as administrative interfaces, command-line operations, and Linux-based systems. Learn about embedded software stacks, management interfaces, REST APIs, and user identification methods. Witness demonstrations of Global Protect VPN exploitation, web server crashes, and code execution techniques. Gain insights into MIPS architecture, route shell access, and root shell acquisition. Conclude with valuable recommendations for improving firewall security and participate in a Q&A session to further enhance your understanding of next-gen firewall vulnerabilities and attack vectors.

Syllabus

Intro
Introduction
Palo Alto
Features
Agenda
Administrative Interface
Common Line Interface
Linux Architecture
Embedded Software Stack
Management Interface
REST API
User ID
Captive Portal
Client probing
Demo
Global Protect
Global Protect VPN
Web Server Crash
Dead Check
Field Filter Check User
Code Execution
Username
PHP context
PHP body write
MIPS
Route Shell
Root Shell
Recommendations
Questions

Taught by

WEareTROOPERS

Reviews

Start your review of Attacking Nextgen Firewalls

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.