Bringing Harmony to IIS: Using game mods to protect (or nuke) your web server

This talk was originally presented at BSides Canberra 2023.

With an ever-increasing number of developers using .NET-based game engines, game modders have developed sophisticated tools which can interact with the .NET Common Language Runtime to modify game mechanics, add features and fundamentally modify how games operate at runtime. But what's stopping us from using these tools to mess with other .NET-based applications? Say... an IIS web server running Microsoft Exchange? Absolutely nothing! Join me as I deploy Harmony, a popular .NET method hooking library, onto a Microsoft IIS server in order to access (and tamper with) method parameters, return values and functionality. I'll demonstrate several methods to load Harmony into IIS before looking at the level of control Harmony gives us over various interesting methods regular web applications utilise. Next I'll explore some defensive uses for method hooking, including logging method parameters sent to commonly abused functions, preventing method calls, and messing with adversaries by tampering with outputs. I'll also cover some offensive uses for method hooking such as password logging and persistence.

☣️The Security of Emojis☣️

This talk was originally presented at BSides Canberra 2021.

To some, Emojis are just a subset of Unicode, whilst to others, they are their own language. These days Emojis are everywhere and they have some pretty interesting ramifications for both red and blue teams. In this presentation I'll answer all of the questions you never knew you had, including:

- What actually is an Emoji?
- Can I call my Active Directory forest 🔥dc🔥.💎💎💎?
- Is 🚫⌚🐂💩 an uncrackable password?
- What happens when I pass an Emoji to my favourite security tool?
- How badly can I break things by putting Emojis in the wrong place?

Introduction to Cisco IOS analysis

This talk was originally presented at BSides Canberra 2018.

2015 saw the discovery of SYNful Knock, the first known instance of malware for Cisco IOS devices. Fast forward to 2018 and no additional samples of IOS malware have been found, which begs the question: is no one writing IOS malware anymore, or are we just not finding it? This presentation will provide a look at what makes up an IOS system image and memory dump, how to process IOS system images so they play nicely with traditional analysis and reverse engineering tools, and ultimately lower the barrier for security researchers to get started analysing Cisco IOS and discovering new malware. We will also take a quick look at some of the non-malware-based attacks that are being utilised today.