Advertisement
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012
Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012

Check these out next

Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
DefCamp
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
DefCamp
Building application security with 0 money down
Building application security with 0 money down
DefCamp
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
DefCamp
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
DefCamp
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
DefCamp
1 of 20

Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012

Dec. 17, 2012
Download to read offline
DefCamp
DefCamp
Advertisement
Advertisement
Advertisement

Recommended

Repair or replaceRepair or replace
Repair or replaceAbie Anarna536 views11 slides
KT Value Proposition PowerPoint Presentation SlidesKT Value Proposition PowerPoint Presentation Slides
KT Value Proposition PowerPoint Presentation SlidesSlideTeam51 views19 slides
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp1.7K views89 slides
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp970 views167 slides
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp542 views24 slides
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp306 views22 slides

More Related Content

More from DefCamp(20)

Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp268 views
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
DefCamp250 views
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
DefCamp315 views
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
DefCamp217 views
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
DefCamp175 views
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
DefCamp213 views
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
DefCamp238 views
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
DefCamp323 views
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
DefCamp257 views
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
DefCamp804 views
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
DefCamp291 views
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
DefCamp423 views
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
DefCamp289 views
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
DefCamp219 views
Catch Me If You Can - Finding APTs in your networkCatch Me If You Can - Finding APTs in your network
Catch Me If You Can - Finding APTs in your network
DefCamp298 views
WiFi practical hacking "Show me the passwords!"WiFi practical hacking "Show me the passwords!"
WiFi practical hacking "Show me the passwords!"
DefCamp1.6K views
OSSTMM: The “Measure, Don’t Guess” Security Testing MethodologyOSSTMM: The “Measure, Don’t Guess” Security Testing Methodology
OSSTMM: The “Measure, Don’t Guess” Security Testing Methodology
DefCamp424 views
Open Directories: Sensitive data (not) hiding in plain sightOpen Directories: Sensitive data (not) hiding in plain sight
Open Directories: Sensitive data (not) hiding in plain sight
DefCamp237 views
Year of the #WiFiCactusYear of the #WiFiCactus
Year of the #WiFiCactus
DefCamp294 views
How to Fuzz like a HackerHow to Fuzz like a Hacker
How to Fuzz like a Hacker
DefCamp236 views
Advertisement

Critical vulnerabilities in the online services of a romanian telephony company - DefCamp 2012

  1. Vulnerabilități grave în serviciile online ale unui telecom din România Prisăcaru Anatolie 01.12.2012 @shark0der @DefCamp
  2. The problem
  3. The motivation
  4. Let's dive into all this stuff
  5. The configurator
  6. The surprise
  7. The serious approach
  8. … still serious approach
  9. This can't be real
  10. What about pushing the limits?
  11. … even more
  12. Unbelievable, but it worked :)
  13. Really worked!
  14. And I've got more then I expected!
  15. Under the hood
  16. The key
  17. The simplicity
  18. The stupidity
  19. The lesson NEVER BUT NEVER TRUST USER INPUT
  20. THE END Prisăcaru Anatolie 01.12.2012 @shark0der @DefCamp
Advertisement