Learning Mainframe Hacking: Where the Hell Did All My Free Time Go?

Learning Mainframe Hacking: Where the Hell Did All My Free Time Go?

Do you love a good puzzle? Do you keep Intel’s 3,300 page Software Developer Manual as bedside reading? Are you the first kid on the block to download a new publicly available exploit to try it out and see how it works? Is seeing 0x41414141 in a register more beautiful to you than a Hawaiian sunrise? Then mainframe hacking is definitely for you! In this talk, Big Endian Smalls (or BeS) will open your eyes to the exciting, fun, and excruciatingly challenging world of mainframe vulnerability identification & exploit development. Why don’t you care about such a thing? Because you’ve been taught not to. Schools teach you that mainframes don’t matter, if they are mentioned at all. Well guess what! Not only do they matter, everything you do, you family does, your government does, relies on them. BeS will wet your appetites with the basics of IBM’s System Z architecture and how to use current tools for exploit development. He will discuss why a solid community of like-minded techno-elites such as yourselves are desperately needed to learn this dark art. Three different disassemblers/debuggers, ranging from the archaic, to the reasonably OK to the OMG what-the- hell-kind-of-sorcery-is-this will be demonstrated with pros and cons for each. A brief primer in proof-of-concept and shellcode development in C and Assembly will be delivered in both Unix System Services (USS) and MVS-based. Trimodal addressing, base, index + displacement address generation and some similarities / differences to the Intel-based world you already know will be addressed. If the thought of learning a new platform excites you or if you are looking for a way to differentiate yourself from all the other researchers / pentesters in the market - this is the talk for you.

Presented by