« All Events

๐Ÿ™‚ DC215 Meetup: Serialization Vulnerabilities with Razdex

October 1 @ 6:00 pm - 8:00 pm
Logo for the DC215 meetup, with the DEF CON logo (smiley face and crossbones) on the left and "215" in green ASCII art on the right, all on the black background

Microsoft announced that the BinaryFormatter class is insecure and cannot be made secure, but how bad can it be?

How about a remote code execution exploit?

Join us at DC215 where youโ€™ll see a demo of this attack and how itโ€™s also exposed through JSON and Newtonsoft.

Demos and code samples are in C#, but this exploit is possible in any insecure deserialization process. By the end of this talk, you’ll know what to look for in your code and how to prevent it. If you’re a red teamer or pen tester you’ll add another attack vector to your toolkit.

Here’s the Meetup link.

Details

Date:
October 1
Time:
6:00 pm - 8:00 pm

Venue

Iffy Books
404 S. 20th St.
Philadelphia, 19146 United States
Phone
2153953956
View Venue Website

Organizer

Iffy Books
Phone
2153953956
Email
iffybooks@iffybooks.net