First talk

You Left the Back Door Open! (Finding Legacy Vulnerabilities in Legacy Systems)

Speaker

Nick Dunn

Synopsis

AS/400 is an IBM mid-range computer series (i.e. not quite a mainframe) that’s undergone multiple name changes over the years (but still gets referred to as AS/400 by lots of people). Despite its age, the system is extremely stable and scalable, and still in widespread use.

This talk discusses the history of the system, and shows how the design, and computing conventions of the time have led to many of these systems existing in a vulnerable state. The talk will show how to test and exploit systems, what tooling can be used, and how to harden and protect the system. There are large numbers of these systems still in use, with many configured in a default (or almost default) state that allows easy exploitation to anyone armed with the right tools and techniques.

It demystifies a system that’s often regarded as obscure or unusual, shows what hacking techniques are needed, and best of all a lot of the hacks involve hollywood-style green text in a black terminal window.

Second talk

??

Speaker

You?

Future talks

We’re still trying to build up a backlog of talks. If you’ve implemented a C2 on a smartwatch, want to walk us through the highlights of a CTF, or have some insight into the breakdown of security cooperation globally, we’re interested!

Drop a message to talks@dc4420.org with a title, synopsis and rough length, and don’t worry if you haven’t presented before.

We’re also happy to host other activities, like lockpicking, or demoing a new piece of kit, just let us know.

New location

We are no longer at the Phoenix! The next meeting will be at:

The Greene Man
383 Euston Road
London NW1 3AU

Closest stations: Great Portland Street, Warren Street, Euston.

We’ll start around 7:30pm as usual, but feel free to turn up from 6:45pm to settle in.