BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Doing the Impossible: How I Found Mainframe Buffer O
 verflows\n   When: Saturday\, Aug 13\, 14:30 - 15:15 PDT\n   Where: Caesar
 s Forum - Alliance 301-309\, 321 (Track 4) - [1]Map\n\n   SpeakerBio:Jake 
 Labelle \, Security Consultant\n   Jake\, a security consultant from Basin
 gstoke\, UK\, got his hands on a\n   licensed emulator for z/OS over the p
 andemic \, and considering that we\n   have been in and out of lockdown fo
 r the past two years\, started\n   playing around with it for a fairly goo
 d portion of time. As someone\n   who adores the 80s cyber aesthetic\, he 
 loves mucking around with it\,\n   but also there is nothing legacy about 
 mainframes\, docker\, node js\,\n   python all your modern applications/pr
 ograms are on there. Over the\n   past year\, he has found and reported a 
 number of z/OS LPEs and RCEs\n   vulns to IBM.\n   Twitter: [2]@Jabellz2\n
 \n   Description:\n   Mainframes run the world\, literally. Have you ever 
 paid for something\,\n   a mainframe was involved\, flown? Used a bank? Go
 ne to college? A\n   mainframe was involved. Do you live in a country with
  a government?\n   Mainframes! The current (and really only) mainframe OS 
 is z/OS from\n   IBM. If you've ever talked to a mainframer you'll get tol
 d how they're\n   more secure because buffer overflows are (were) impossib
 le. This talk\n   will prove them all wrong!\n\n   Finding exploits on z/O
 S is no different than any other platform. This\n   talk will walk through
  how you too can become a mainframe exploit\n   researcher!\n\n   Remote c
 ode execution is extra tricky on a mainframe as almost all\n   sockets rea
 d data with the ASCII character set and convert that to\n   EBCDIC for the
  application. With this talk you will find out how to\n   find and then re
 motely overflow a vulnerable mainframe C program and\n   create a ASCII ->
  EBCDIC shellcode to escalate your privileges\n   remotely\, without auth.
  Previous mainframe talks focused on\n   infrastructure based attacks. Thi
 s talk builds on those but adds a\n   class of vulnerabilities\, opening u
 p the mainframe hacking community.\n\n   '\n\n   1. https://defcon.outel.o
 rg/consolidated_page.html#CaesarsAllianceBR\n   2. https://twitter.com/Jab
 ellz2\n\n\n
DTEND:20220813T221500Z
DTSTART:20220813T213000Z
LOCATION:DC - Caesars Forum - Alliance 301-309\, 321 (Track 4)
SUMMARY:Doing the Impossible: How I Found Mainframe Buffer Overflows
END:VEVENT
END:VCALENDAR