TROOPERS24: The Registry Rundown
Comments
@KawaljeetSingh-ue4rv 18 days ago
I'm new to pentesting. Where can I get your defined potatoes binary files? Apologies if it sounds goofy, but it seems like I need guidance.
@testtest9492 20 days ago
Nice sharing~Learn a lot
@lemful5401 1 month ago
awesome
@NoManClatuer-pd8ck 2 months ago
Is any of this information relevant in 2024?
@gunnar-ai 2 months ago
✊🏼
@scrategy 3 months ago
This is a very nice tool. Thanks for making it.
@johnvriezen4696 3 months ago
Very nice presentation. One note, however, the "Use adopted authority . . . . . . . . . . . . : *YES " setting could be *NO, and most of the same issues are in play. This is a VERY confusing setting. The User Profile (USRPRF) setting is the only thing that matters for the *PGM or *SRVPGM adopting authority. The "Use Adopted Authority" indicates if this program should inherit any adopted authority from the program that calls it. So if PGM A calls B, and A has USRPRF(QSECOFR), then A has adopted authority from QSECOFR. B will also have adopted authority when called from A, unless "Use Adopted authority" is *NO. Of course B itself may have USRPRF(QSECOFR2) and will adopt QSECOFR2's authority but not QSECOFR's authority.
@tahirm09 3 months ago
Excellent !!!
@WhatIsIt-e6p 3 months ago
Most shown there are features, not bugs.
@DrFrankeni 3 months ago
As a life-long IBM i guy I love the approach you've shown here. A MASSIVE number of my colleagues with the years of experience are mostly unaware of this level of interaction with the system. Many of these colleagues agree with you on restricting command line being a great tool! (It's not.) Clearly there are not the quantity of these servers running such as Windows or Linux, but where they live and what they do is nearly always VERY key to the business, so the value to hacking one can be very substantial!
@DrFrankeni 3 months ago
IBM i Address space is actually 128 bits not that tiny 64 bit. 🙂
@johnvriezen4696 3 months ago
The pointers are 128 bits, but the address space is only 64 bits (actually 65 bits)
@bobmarley8644 3 months ago
Amazing presentation!!
@Patmorgan235Us 3 months ago
Hey, looks like there's 5 minutes of a black screen at the end of the video. You could probably cut it off with one of KZbin's Creator Studio tools.
@TROOPERScon 3 months ago
Thank you for the hint! We're on it.
@digitalfabrikation4298 3 months ago
Awwww - would have loved to see you all this year. Hope I can come by in 2025! //Flo #wearetroopers
@Ali-t8f6c 4 months ago
Great talk, can we get the slides? The link in the description is now working.
@zerodayKB 4 months ago
are the slides available anywhere? :)
@materaj 6 months ago
0:39 Whoami
3:59 Microsoft Remote Desktop Services (RDS) Roles
6:47 How to compromise and investigate an RDS infrastructure (Gaining an initial foothold)
21:08 How to compromise and investigate an RDS infrastructure (Breaking out of RDS)
28:04 How to compromise and investigate an RDS infrastructure (Additional compromise)
28:59 How to compromise and investigate an RDS infrastructure (Additional compromise - Demo)
32:27 How to compromise and investigate an RDS infrastructure (Real World Attack Case#1)
35:46 How to compromise and investigate an RDS infrastructure (Real World Attack Case#2)
38:34 How to compromise and investigate an RDS infrastructure (Recommendation)
@udirt 1 year ago
I'm at the first cacti issue and already pray things start getting harder over the duration of the talk
@saifnoorprottoy 1 year ago
Nice Presentation! We know your company for writing amazing articles (with rigorous technical details) too!!
@Frostyfication 1 year ago
Here in Finland Mikko is known as "the rockstar of cyber security". Anyone watching this keynote will immediately see why.
@VilleSarmiola 1 year ago
Indeed, Mikko likes to talk and we like to listen to Mikko talk about things.
@baolam4616 1 year ago
00:05 🕵 Introduction to powerful Windows coercion techniques
00:50 🔓 PetitPotam for initial access via encryption service
05:00 🖨 PrinterBug abuses print spooler for foothold
10:07 💥 ADCS attack for instant domain admin access
18:41 📧 Outlook vuln to steal user credentials
20:19 🔌 NTLM relay for privilege escalation
27:06 🗝 Abusing machine accounts for lateral movement
31:30 🎫 Kerberos delegation misconfigs for domain admin
39:56 🔒 Mitigations that can stop these attacks
44:32 🏁 Summary - lethal techniques, implement defenses
@Joe-tw6hk 1 year ago
Seems neither the Whitepaper nor the SAP Logs Collector are available at the links shown in the talk.
@beecee793 1 year ago
Mikko is amazing and I love most of his talks, but the hype and spookiness over the AI/image gen showed his misunderstanding a bit. It really started to go off the rails a bit there when it comes to sensationalism :/
@Frostyfication 1 year ago
The sensationalism has a purpose. The AI alignment problem is real, and it's not being discussed nearly enough. It is not as bad as Mikko made it sound - it's actually worse. Unfortunately most of the AI "experts" are still in the Dunning-Kruger valley in their knowledge, therefore completely underestimating the threat.
@beecee793 1 year ago
@@Frostyfication I disagree with you. What he did was wrong and lessened his credibility greatly.
@Frostyfication 1 year ago
@@beecee793 I'd rather be wrong in this case.
@beecee793 1 year ago
@@Frostyfication I'd rather not be wrong in any case.
@j.goerlich3227 1 year ago
19:12 When comparing to the description given in SAP Note 2216306, one has to refrain from setting values for which it is stated 'In the case of an RFC logon in the same system with the same user and client, no authorization check is executed.' and additionally the ones which only take effect for some FuBas 'if this is called from SAP GUI' (for other reasons). Knowing this, I end up with the value '2' (obsolete) and '9'. For the value '9' SAP states 'this value scarcely brings about any security improvement in comparison with the value 6.' It seems this statement misses the whole internal conversation scenario. SAP should reconsider their recommendation.
47:13 Some months ago, I convinced SAP to make an adjustment in the UCON framework, as it blocked the assignment of certain function modules (mostly of group SRFC) to the SNC_CA. The fix was provided in SAP note 3352382.
@XantheFIN 1 year ago
Who gave ChatGPT the money to pay humans for cracking the code?
@gargelblast 1 year ago
Maybe helpful:
Main Security Issues
Fixed Code Vulnerabilities: The speaker mentions that Nissan had fixed code vulnerabilities that could be exploited.
Remote Unlocks: There are vulnerabilities that allow for the remote unlocking of entire vehicle fleets due to flaws in the Series XM head unit operating system.
Internal Architecture: The speaker mentions that vehicles have bad internal architecture, making them susceptible to various kinds of attacks.
Weak Authentication: The talk discusses the use of weak methods for authentication, such as byte additions and single-digit integer additions for seeds, which can compromise vehicle security.
Backdoors: Some systems have backdoors implemented that are outside the scope of requirements, leading to potential security risks.
Telematics Unit: Newer vehicles have telematics units for connectivity, which if not properly secured, can act as a starting point for mass exploitation.
Poor Design Choices: The speaker mentions that poor design choices, such as direct access to internal buses behind headlights, can lead to devastating results.
Bootloaders: The talk discusses vulnerabilities in the bootloader section of ECUs, which can be exploited if not properly secured.
Battery Isolator: In electric and fuel cell vehicles, the battery isolator can be exploited to reset the whole vehicle and gain access to boot processes.
Regulatory Gaps: The speaker mentions that current regulations, set to come into effect in 2024, may not be sufficient to ensure vehicle cybersecurity.
Would you like to delve deeper into any of these points?
@nicolaferri8300 1 year ago
Turns out the shills were real (fake) the whole time
@SebastianHaasDotDe 1 year ago
Fitting for Defcon 😄
@NeverGiveUpYo 1 year ago
Nice stuff. Thanks for sharing.
@anirbandas6257 1 year ago
That’s a great way to look at it.
@ArztvomDienst 1 year ago
So, did anyone challenge Mikko on the fireball? :D Great keynote, looking forward to the rest of the talks getting uploaded!
@TROOPERScon 1 year ago
Yes indeed, quite some people did. However, what Mikko didn't tell (as it's for a good cause of course): He's a pro! ;-)
@makingtechsense126 1 year ago
I'm not even done watching the video but wanted to make sure to leave a comment. THANK YOU, for putting the slides into the video in a readable fashion and not just relying on video footage of the projector screen at the conference.
@serpent213 1 year ago
👍🏻
@petrovasyka8 1 year ago
Does this log injection work on Linux-based systems?
@MillionaireJourneys1 1 year ago
Great presentation! Very interesting. Good job.
@danielisaac7586 1 year ago
North Korea also has no crime rate and people don't even dare throw trash on the street or steal things. Why do you guys always bash them? And how is any of this a bad thing?
@SebastianHaasDotDe 1 year ago
Sound is fixed at 5:30
@Cyolox 1 year ago
👏
@jakub3215 1 year ago
Terrible, terrible sound
@MygenteTV 1 year ago
Wow, this is crazy good work. This class should be in the millions of views.
@magic8bol 1 year ago
Man, she really had to kick my boy Albert while he was down
@idocare6538 1 year ago
Good stuff but why not just say this is for Penetration testing? I like seeing Python and Unix but also PoSH. It is MSFT after all and you left out their best scripting language.
@aakash18in 1 year ago
Thank you!
@silkekoltermann1021 2 years ago
Very well done, my son ❤️
@theleafeon8345 2 years ago
I like how it goes from a German accent to “Howdy y’all🤠”
@shubham0d 2 years ago
Amazing talk. Needs to be more popular. I really appreciate the fact that the basics of hypervisors are covered along with security aspects.
@reijin999 2 years ago
proud to say i patch dell iDRAC bmc but ummm everything else is lacking
@gabrielluizbh 2 years ago
Link to download pdf offline.
@garymcgraw9181 2 years ago
This was such a fun talk to give. The TROOPERS conference is excellent.
@JohnJohn-sf1df 2 years ago
Love this presentation! Thanks ropnop!