Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Analysis to Remote Root 0day in a SSL-VPN Appliance

Hack In The Box Security Conference via YouTube

Overview

Delve into a comprehensive analysis of remote root vulnerabilities in SSL-VPN appliances through this Hack In The Box Security Conference presentation. Explore the internals of the F5 FirePass SSL-VPN Appliance, uncovering hidden vulnerabilities despite existing security protections. Follow the journey from reverse engineering to binary planting, decrypting file systems, and examining the environment. Discover how web vulnerabilities, format string vulnerabilities, and persistence lead to overcoming multiple limitations and protections, ultimately gaining a remote unauthenticated root shell. Learn about the responsible disclosure process and the exemplary vendor response from F5. Gain insights into the misconceptions surrounding "security appliances" and the potential impact on Fortune 500 companies. Benefit from the expertise of Israeli security researcher Tal Zeltzer as he shares his findings, research methods, and tools developed during this in-depth investigation.

Syllabus

Introduction
Tals Bio
Research
Disadvantages
Vulnerability
Attack Surface
Analysis
Virtual Machines
Boot Partition
Busy Box Shell
Decrypt Command
Debug Shell
Linux
Slackware
Character Distribution
PHP Encryption
XDebug
MySQL Log
Setup
Tunnel Handler
Tunnel Error
SQL Injection Vulnerability
SQL Log
Propagation
Stack trace
Block comments
Failed
Stack Overflow
Field Terminator
Vulnerability Disclosure Process
Demo
Thanking the EFF
Thanking others
Questions

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Analysis to Remote Root 0day in a SSL-VPN Appliance

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.