SEC-T 2024 - Summary

Dates: 2024-09-11 - 2024-09-13

Location: Münchenbryggeriet

https://www.sec-t.org/

"Common Language Infrastructure XML (CLIXML) is a widely used PowerShell serialization format. In this presentation, we will learn how to exploit PowerShell deserialization to move laterally and escalate privileges in an enterprise environment. I will perform multiple live demos, including a guest-to-host virtual machine breakout."

"The topic of attacks on access badges is widely discussed, but what can an adversary do when cloning someone’s card isn't an option? How else can one gain entry into high-security areas without direct access to the credentials? In this talk, I will discuss techniques for compromising RFID readers to bypass organizational security mechanisms."

"OSINT gathering is trying to lock on a moving target in an ever-changing landscape. This talk provides a deep dive into today's tools, best practices, counter-measures and common mistakes. Drawing on three years of continuously developing and improving an OSINT-gathering environment in private security, intelligence analyst (or "bad guy hunter" for the movie credits) Elin shares war stories on manipulating big tech, trying to out-compete the spammers and the scammers and interacting with some really Crazy People Online."

"AS/400 - also known as IBM i - has been around since 1988 and is still alive and kicking in many organizations today. In this talk I will recap on known AS/400 hacking techniques and go through a few interesting findings from around 8 security assessments I worked on over the last 10 years that included AS/400 systems. I will cover the network attack surface of an AS/400 system, local privilege escalation and post-exploitation vectors, and demonstrating some novel techniques derived from my own research along the way."