How MS responded
when they were hacked
A real life POV story by @DimitriNL
Last email Quote
“Microsoft Security
Response Center”
2018.04.28
“The team is asking that you not use
the SAM information or Microsoft's
name. Ultimately the decision is yours.”
What you will see in this
DefCamp talk 2018
- Drama
- Mystery
- Action
- and some NSFW
As far as I know this is not
available on:
Who Am I now
Dimitri - 37 years
Married - A baby girl 11 months
Living in The Netherlands
My hobbies: Snowboarding & cooking
EC Council CHFI (Computer Hacking Forensic Investigator)
System Engineer
Working/worked for Dutch Government, Healthcare, Multinationals and …..
My dog “Rada”
WHAT I WILL DISCUSS
Who was I
What did I do
Why go to the press
How MS responded
What happened next
BACK TO THE YEAR 2000
LET’S STEAL MICROSOFT’S MOJO
Who was I
Age: 19 years
Living: at my parents' house
Work: ICT service company
Playing with firewalls
Freelance pentester
Study: System Engineer
Hobbies: Wing Chun Kung Fu
& ...
My hobbies
Discovering new and using existing ways of hacking:
Microsoft Internet Information Server, Site Server, Frontpage extensions,
Commerce Server & Index Server.
For example:
CVE-2006-1257
Microsoft Commerce Server:
Authentication bypass
https://vuldb.com/?id.29228
2002 Found - 2003 Reported
2003 Fixed - 2006 Full disclosure
Online & Offline activities
Newsgroups: Bugtraq & more
Websites: Securityfocus, Attrition & Packetstorm
Books, books, books: networking, Red Hat & Windows books
To be in contact:
IRC (DUH)
Playing games:
Delta Force
EXTRA
EXTRA
READ ALL
ABOUT IT
Contact with “Microsoft Security Response Center"
2000.05.30 First contact: sample files were used on www.microsoft.com
2000.05.31 Second contact: standard installed servers: forum.microsoft.com & windowsce.microsoft.com
2000.08.15 Third contact: database passwords found on *.microsoft.com
2000.10.22 Fourth contact: access to several *.microsoft.com servers
First Security Notice Report to Microsoft, 2000.05.30:
Sample files on Microsoft.com (source code disclosure of ASP files)
http://www.microsoft.com/indonesia/MBICC/search/query.htm
Second Security Notice Report to Microsoft, 2000.05.31:
Standard installation of IIS 4 (everything was possible)
http://forum.microsoft.com
https://windowsce.microsoft.com
Third Security Notice Report to Microsoft, 2000.08.30:
Passwords found on several servers of *.microsoft.com (source code disclosure, ASP/ASA files)
Fourth Security Notice Report to Microsoft, 2000.10.22:
Access to several *.microsoft.com servers.
2000.10.23: Second email to Microsoft
No answer after 4 days
Possible scenarios of what they were thinking
1 NOVEMBER 2000
11 days no answer
Time to do something
Why go to the press
Reason 1:
Reason 2: Microsoft doesn’t update their systems.
The press wanted proof
So what do you post as proof for the world to see?
https://youtu.be/Cipc8EowshY?t=12s
7 NOVEMBER 2000
News article goes online
Some quotes from the first news article
“The latest breach was minor by
comparison and was fixed almost
immediately, the company said”
The server, which was nearing its scheduled
retirement age, suffered from not having
received a new software update, or "patch,"
that was issued Oct. 17, Sohn said. Microsoft
has corrected the problem, he added.
"It's a challenge when you run a major
network with many servers. Even though
this server was near retirement, we would
have preferred that it had the patch. It's
certainly the exception and not the rule;
this one fell through the cracks."
After a few days
What do you post when you see the post is gone but
the servers are still not patched?
https://youtu.be/CduA0TULnow?t=1m28s
Oopsididitagain.htm
Patching your systems is very hard huh
MSG to Britney:
I loved your concert in the Netherlands
Some quotes from the second news article
"We want to start a
dialog with Dimitri”
“We would like to know why
Dimitri feels he needs to
challenge us this way."
Meeting at Microsoft in The Netherlands
What did my welcome look like
What we discussed
The well-known Unicode Directory Traversal exploit.
2000.10.18: Rain Forest Puppy investigated the anonymous forum post on Packetstorm and wrote a thorough explanation of the vulnerability.
2000.10.18: The same evening, my friends and I also posted on NTBugtraq with details on what you can do with it.
For example, you don’t have to use only the “scripts” folder; you can also use the “MSADC” folder, which is installed by default on the C drive and is therefore more often usable. The “scripts” folder was usually installed on the D drive.
Access on the following servers
Windowsupdate.microsoft.com
128download.microsoft.com
Events.microsoft.com
Insider.microsoft.com
Library.microsoft.com
& More
The damage control questions from MS:
Did you do any damage?
No
Did you upload viruses?
No
Did you create backdoors?
No
Why did you do this?
Updating systems is a difficult task for system administrators, also for MS.
My recommendations to MS in the year 2000
Start a Microsoft Security Response Center in Europe.
Features & samples in IIS (and Windows in general) should default to “off”, not “on”.
Microsoft last words at the meeting
If you find more vulnerabilities in the future let us know.
Keep in touch at Microsoft The Netherlands.
Email quotes “From MS spokesman with love”
“All press contacts about your activities that concern Microsoft are now over. All communication about hacking Microsoft through you to the press goes through Microsoft."
"If we are approached by the press, our comments will be that we have indeed spoken to each other, but that we will not make further statements about this conversation."
"From the US they have responded with approval to our conversation. I think - and I mean that - that you're getting away with this too easily without charges."
What did my employer think about it
I should have gone to my manager before exposing my
findings, to say that I had access to *.microsoft.com.
They could have had Microsoft as a customer.
They planned a meeting at the airport
behind customs with Compaq.
What happens if you refuse?
I needed a break
What is the best place to work and have fun?
Working in the club scene
My workspace
But what happened in 2003?
I found a vulnerability in Microsoft Commerce Server: CVE-2006-1257
Timeline vulnerability
2003.03.10: Meeting at Microsoft The Netherlands with proof of concept
2003.03.31: Official escalation of the vulnerability; Microsoft is working on a fix.
2003.04.15: Microsoft: fix in service pack.
2003.04.26: Microsoft: no “call out” for the reporter
2003.04.27: Me: no “call out”, then I will not give my support
2003.04.28: Microsoft: bla bla, customers, bla bla
2003.04.28: Me: Only the sun rises for free; I’m only asking for a “call out”
2003.05.06: Microsoft: the KB article in the service pack will have the “call out”
2003.08.26: Microsoft released the service pack & security bulletin regarding the vulnerability.
Top questions
Most asked:
“Did you hack Microsoft?! Are you rich?”
“Can you hack somebody’s hotmail for me?”
“Can you hack a bank for me?”
Strange questions:
“Can you crash a train for us to make a documentary about hacking?”
“Can you hack a pigeon breeder website for me?”
Bucket list
Hack Microsoft
Receive call out in Microsoft Product
Meet Britney Spears
Going worldwide with my talk
DefCon Skytalks (USA, Las Vegas) - Sec-T (Sweden, Stockholm) -
Kaz’Hack’Stan (Kazakhstan, Almaty) - UISGCON (Ukraine, Kiev)
DefCamp (Romania, Bucharest)
& More to be confirmed
THANK YOU
Twitter: @DimitriNL
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 

What happened behind the closed doors at MS

  • 1. How MS responded when they were hacked A real life POV story by @DimitriNL
  • 2. Last email Quote “Microsoft Security Response Center” 2018.04.28 “The team is asking that you not use the SAM information or Microsoft's name. Ultimately the decision is yours.”
  • 3. What you will see in this DefCamp talk 2018 - Drama - Mystery - Action - and some NSFW As far as I know this is not available on:
  • 4. Who Am I now Dimitri - 37 years Married - A baby girl 11 months Living in The Netherlands My hobbies: Snowboarding & cooking EC Council CHFI (Computer Hacking Forensic Investigator) System Engineer Working/worked for Dutch Government, Healthcare, Multinationals and …..
  • 6. WHAT I WILL DISCUSS Who was I What did I do Why go to the press How MS responded What happened next
  • 7. BACK TO THE YEAR 2000 LET’S STEAL MICROSOFT’S MOJO
  • 8. Who was I Age 19 years Living At my parents' house Work ICT Service Company Playing with firewalls Freelance pentester Study System Engineer Hobbies Wing Chun Kung Fu & ...
  • 9. My hobbies Discovering new and using existing ways of hacking: Microsoft Internet Information Server, Site Server, Frontpage extensions, Commerce Server & Index Server. For example: CVE-2006-1257 Microsoft Commerce Server: Authentication bypass https://vuldb.com/?id.29228 2002 Found - 2003 Reported 2003 Fixed - 2006 Full disclosure
  • 10. Online & Offline activities Newsgroups: Bugtraq & more Websites: Securityfocus, Attrition & Packetstorm Books books books Networking & Red Hat & Windows books To be in contact: IRC (DUH) Playing games: Delta Force
  • 12. Contact with “Microsoft Security Response Center” 2000.05.30 First contact: Sample files were used on www.microsoft.com. Second contact. Third contact. Fourth contact.
  • 13. First Security Notice Report to Microsoft 2000.05.30: Sample files on Microsoft.com (Source code disclosure ASP files) http://www.microsoft.com/indonesia/MBICC/search/query.htm
  • 14. Contact with “Microsoft Security Response Center” 2000.05.30 First contact: Sample files were used on www.microsoft.com. 2000.05.31 Second contact: Standard installed servers: forum.microsoft.com & windowsce.microsoft.com. Third contact. Fourth contact.
  • 15. Second Security Notice Report to Microsoft 2000.05.31: Standard installation of IIS 4 (Everything was possible) http://forum.microsoft.com https://windowsce.microsoft.com
  • 16. Contact with “Microsoft Security Response Center” 2000.05.30 First contact: Sample files were used on www.microsoft.com. 2000.05.31 Second contact: Standard installed servers: forum.microsoft.com & windowsce.microsoft.com. 2000.08.15 Third contact: Database passwords found on *.microsoft.com. Fourth contact.
  • 17. Third Security Notice Report to Microsoft 2000.08.30: Passwords found on several servers of *.microsoft.com (Source code disclosure ASP/ASA files)
  • 18. Contact with “Microsoft Security Response Center” 2000.05.30 First contact: Sample files were used on www.microsoft.com. 2000.05.31 Second contact: Standard installed servers: forum.microsoft.com & windowsce.microsoft.com. 2000.08.15 Third contact: Database passwords found on *.microsoft.com. 2000.10.22 Fourth contact: Access to several *.microsoft.com servers.
  • 19. Fourth Security Notice Report to Microsoft 2000.10.22 Access to several *.microsoft.com servers.
  • 20. Fourth Security Notice Report to Microsoft 2000.10.23 Second email to Microsoft
  • 22. No answer after 4 days
  • 23. Possible scenarios of what they were thinking
  • 24. 1 NOVEMBER 2000 11 days no answer Time to do something
  • 25. Why go to the press Reason 1:
  • 26. Why go to the press Reason 2: Microsoft doesn’t update their systems.
  • 27. The press wanted proof So what do you post as proof for the world to see? https://youtu.be/Cipc8EowshY?t=12s
  • 28. 7 NOVEMBER 2000 News article goes online
  • 29. Some quotes from the first news article “The latest breach was minor by comparison and was fixed almost immediately, the company said” The server, which was nearing its scheduled retirement age, suffered from not having received a new software update, or "patch," that was issued Oct. 17, Sohn said. Microsoft has corrected the problem, he added. "It's a challenge when you run a major network with many servers. Even though this server was near retirement, we would have preferred that it had the patch. It's certainly the exception and not the rule; this one fell through the cracks."
  • 30. After a few days What do you post when you see the post is gone but the servers are still not patched? https://youtu.be/CduA0TULnow?t=1m28s Oopsididitagain.htm Patching your systems is very hard huh MSG to Britney: I loved your concert in the Netherlands
  • 31. Some quotes from the second news article "We want to start a dialog with Dimitri” “We would like to know why Dimitri feels he needs to challenge us this way."
  • 32. Meeting at Microsoft in The Netherlands What did my welcome look like
  • 33. What we discussed The well-known Unicode Directory Traversal Exploit. 2000.10.18: Rain Forest Puppy investigated the anonymous forum post on Packetstorm and wrote a perfect explanation of the vulnerability. 2000.10.18: The same evening some friends and I also posted on NTBugtraq with details on what you can do with it. For example, you don't need to use only the “scripts” folder; you can also use the “MSADC” folder, which is installed by default on the C drive and was more often used. The scripts folder was usually installed on the D drive.
  • 36. Access on the following servers Windowsupdate.microsoft.com 128download.microsoft.com Events.microsoft.com Insider.microsoft.com Library.microsoft.com & More
  • 37. The Damage control questions from MS: Did you do any damage? No. Did you upload viruses? No. Did you create backdoors? No. Why did you do this? Updating systems is a difficult task for system admins, also for MS.
  • 38. My recommendations to MS in the year 2000 Start a Microsoft Security Response Center in Europe. Features & samples in IIS (and Windows in general) default “off” and not “on”
  • 39. Microsoft last words at the meeting If you find more vulnerabilities in the future let us know. Keep in touch at Microsoft The Netherlands.
  • 40. Email quotes “From MS spokesman with love” “All press contacts about your activities that concern Microsoft are now over. All communication about hacking Microsoft through you to the press goes through Microsoft.”
  • 41. Email quotes “From MS spokesman with love” "If we are approached by the press, our comments will be that we have indeed spoken to each other, but that we will not make further statements about this conversation."
  • 42. Email quotes “From MS spokesman with love” "From the US they have responded with approval to our conversation. I think - and I mean that - that you're getting away with this too easily without charges."
  • 44. What did my employer think about it I should have gone to my manager before exposing my findings to say that I had access on *.microsoft.com. They could have Microsoft as a customer. They planned a meeting at the airport behind customs with Compaq.
  • 45. What happens if you refuse?
  • 47. I needed a break What is the best place to work and have fun?
  • 48. Working in the club scene
  • 51. But what happened in 2003?
  • 52. But what happened in 2003? I found a vulnerability in Microsoft Commerce Server: CVE-2006-1257
  • 53. Timeline vulnerability 2003.03.10: Meeting at Microsoft The Netherlands with Proof of Concept 2003.03.31: Official Escalation Vulnerability. Microsoft is working on a fix. 2003.04.15:
  • 54. Timeline vulnerability 2003.03.10: Meeting at Microsoft The Netherlands with Proof of Concept 2003.03.31: Official Escalation Vulnerability. Microsoft is working on a fix. 2003.04.15: Fix in Service pack. 2003.04.26:
  • 55. Timeline vulnerability 2003.03.10: Meeting at Microsoft The Netherlands with Proof of Concept 2003.03.31: Official Escalation Vulnerability. Microsoft is working on a fix. 2003.04.15: Fix in Service pack. 2003.04.26: Microsoft: No call out for the reporter 2003.04.27: No “call out”, then I will not give my support 2003.04.28:
  • 56. Timeline vulnerability 2003.03.10: Meeting at Microsoft The Netherlands with Proof of Concept 2003.03.31: Official Escalation Vulnerability. Microsoft is working on a fix. 2003.04.15: Microsoft: Fix in Service pack. 2003.04.26: Microsoft: No call out for the reporter 2003.04.27: Me: No “call out”, then I will not give my support 2003.04.28: Microsoft: bla bla, customers bla bla 2003.04.28:
  • 57. Timeline vulnerability 2003.03.10: Meeting at Microsoft The Netherlands with Proof of Concept 2003.03.31: Official Escalation Vulnerability. Microsoft is working on a fix. 2003.04.15: Microsoft: Fix in Service pack. 2003.04.26: Microsoft: No call out for the reporter 2003.04.27: Me: No “call out”, then I will not give my support 2003.04.28: Microsoft: bla bla, customers bla bla 2003.04.28: Me: Only the sun rises for free, I'm only asking for a “call out” 2003.05.06: Microsoft: KB article in service pack will have the “call out” 2003.08.26: Microsoft released Service Pack & security bulletin regarding the vulnerability.
  • 58. Top questions Most asked: “Did you hack Microsoft?! Are you rich?” “Can you hack somebody’s hotmail for me?” “Can you hack a bank for me?” Strange questions: “Can you crash a train for us to make a documentary about hacking?” “Can you hack a pigeon breeder website for me?”
  • 59. Bucket list Hack Microsoft Receive call out in Microsoft Product Meet Britney Spears Going worldwide with my talk DefCon Skytalks (USA, Las Vegas) - Sec-T (Sweden, Stockholm) - Kaz’Hack’Stan (Kazakhstan, Almaty) - UISGCON (Ukraine, Kiev) DefCamp (Romania, Bucharest) & More to be confirmed
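The IIS Unicode directory traversal discussed on slide 33, as an added detection example that is not from the talk: it decodes request URIs the way the flawed IIS 4/5 decoder did, flags overlong UTF-8 byte pairs and any decoded path that climbs out of an execute-enabled virtual directory (the “scripts” and “MSADC” folders the slide names), and runs that check over W3C-format log lines. The log lines, IP addresses and the directory list are constructed assumptions.

```python
import re
from posixpath import normpath
from urllib.parse import unquote_to_bytes

# Overlong two-byte UTF-8 (C0/C1 + continuation byte) encodes ASCII: C0 AF is
# '/', C1 9C is '\'. IIS 4/5 decoded it after its ".." check had already passed.
OVERLONG = re.compile(rb"[\xc0\xc1][\x80-\xbf]")
# Execute-enabled vdirs of a default IIS 4 install; the talk notes "MSADC" on C:.
EXEC_DIRS = ("/scripts/", "/msadc/")

def lenient_decode(raw: bytes) -> str:
    """Mimic the flawed decoder: fold each overlong pair to its ASCII byte."""
    def fold(m):
        lead, cont = m.group(0)
        return bytes([((lead & 0x1F) << 6) | (cont & 0x3F)])
    return OVERLONG.sub(fold, raw).decode("latin-1")

def analyze_uri_stem(stem: str) -> dict:
    """Alert on an overlong pair (no browser sends one) or a vdir escape."""
    raw = unquote_to_bytes(stem)
    overlong = OVERLONG.search(raw) is not None
    path = lenient_decode(raw).replace("\\", "/")
    vdir = next((d for d in EXEC_DIRS if path.lower().startswith(d)), None)
    traversal = False
    if vdir:  # anchor the rest under a dummy dir; normpath keeps leading ".."
        rel = normpath("x/" + path[len(vdir):])
        traversal = rel != "x" and not rel.startswith("x/")
    return {"path": path, "vdir": vdir, "overlong": overlong,
            "traversal": traversal, "alert": overlong or traversal}

def scan_iis_log(lines):
    """W3C log (date time c-ip cs-method cs-uri-stem ...): list the alerts."""
    hits = []
    for line in lines:
        fields = line.split()
        if line.startswith("#") or len(fields) < 5:
            continue  # directive, blank or truncated line
        verdict = analyze_uri_stem(fields[4])
        if verdict["alert"]:
            hits.append((fields[2], fields[4], verdict["path"]))
    return hits

# Constructed sample lines (not from the talk): three hostile requests (overlong
# '/' and '\', then a plain traversal IIS always refused) and two benign ones.
SAMPLE_LOG = """#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2000-11-01 09:12:01 192.0.2.10 GET /scripts/..%c0%af../winnt/system32/cmd.exe /c+dir 200
2000-11-01 09:12:07 192.0.2.10 GET /msadc/..%c1%9c..%c1%9c../winnt/system32/cmd.exe /c+dir 200
2000-11-01 09:13:40 192.0.2.11 GET /scripts/../../winnt/system32/cmd.exe /c+dir 404
2000-11-01 09:14:02 192.0.2.12 GET /scripts/search.asp q=iis 200
2000-11-01 09:14:30 192.0.2.13 GET /docs/caf%C3%A9.htm - 200""".splitlines()
```

`scan_iis_log(SAMPLE_LOG)` returns the three hostile requests with their decoded paths; the valid UTF-8 in the last line is not an overlong sequence and is left alone.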