BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Atomic Honeypot: A MySQL Honeypot That Drops Shells\
 n   When: Friday\, Aug 9\, 11:30 - 11:59 PDT\n   Where: LVCC West/Floor 1/
 Hall 1/Track 1\n\n   Description:\n\n   Meet an attacking MySQL h
 oneypot which can “Attack the attackers”.\n   In 2023 we have found a C
 VE (CVE-2023-21980) in MySQL that allows a\n   rogue MySQL “server” to
  attack a client connecting to it\; attack\n   meaning RCE on the client s
 ide. Since then we were thinking on how to\n   use it for good. One obviou
 s application is to create a honeypot which\n   will attack the attackers.
  In 2024 we have found another RCE in\n   mysqldump utility (CVE-2024-2109
 6)\, so we have created a rogue MySQL\n   server and weaponized it with a 
 chain of 3 vulnerabilities: 1/\n   arbitrary file read 2/ RCE from 2023 (C
 VE-2023-21980) 3/ the new RCE\n   (CVE-2024-21096). With this atomic hone
 ypot we were able to discover 2\n   new attacks against MySQL server. Usin
 g arbitrary file read\n   vulnerability in MySQL we were able to download 
 and analyze the\n   attackers' code and then execute an “attack against
  attackers”\n   using a chain of exploits.\n\n   CVE-2023-21980 CVE-2024-
 21096\n\n   Speakers:Alexander Rubin\,Martin Rakhmanov\n\n   SpeakerBio:  
 Alexander Rubin\, Principal Security Engineer\, leading RDS\n   Red Team a
 t Amazon Web Services (AWS)\n\n   Alexander is a Principal Security Engine
 er at Amazon Web Services\n   (AWS)\, leading RDS Red Team. Alexander was 
 working as MySQL principal\n   consultant/architect for over 15 years\, st
 arted with MySQL AB in 2006\n   (company behind MySQL database)\, Sun Micr
 osystems\, Oracle and then\n   Percona. His security pentest/red teaming i
 nterest started with\n   playing CTFs and performing opensource security r
 esearch. Alexander is\n   managing RDS (relational database as a service) 
 Red Team at Amazon Web\n   Services.\n\n   SpeakerBio:  Martin Rakhmanov\,
  Senior Security Engineer\, RDS Red Team\n   at Amazon Web Services (AWS)\
 n\n   Martin is a Senior Security Engineer at Amazon Web Services (AWS) RD
 S\n   Red Team. Prior to that\, Martin spent 17 years doing security resea
 rch\n   of databases and other targets\, including servers\, desktop\n   a
 pplications and hardware. Martin found more than 30 CVEs across\n   variou
 s databases and other products.\n\n   '
DTEND:20240809T185900Z
DTSTART:20240809T183000Z
LOCATION:DC - LVCC West/Floor 1/Hall 1/Track 1
SUMMARY:Atomic Honeypot: A MySQL Honeypot That Drops Shells
END:VEVENT
END:VCALENDAR
