This event has passed.
Summit Talk: Bypass Like It’s 1999: Decades of Fraggles, Doozers, and Desync
March 13 @ 12:30 pm – 1:00 pm EDT
Talk Length: 20-25 minutes
Tuition: Free
This talk is part of The Most Offensive Con that Ever Offensived March 2024 Summit. Registration for any class at The Most Offensive Con that Ever Offensived March 2024 Summit includes registration for the summit and all of its presentations, talks, and streams.
Talk Description
Dance your cares away! Let’s put on our denim jacket and bucket hat, cue up our The Prodigy CD, log in to our RedHat Linux 6.0 appliance, and fire up Snort 1.2.1 to see if our shiny new Perl exploit gets caught! Should we share this out on Bugtraq or save it for a rainy day?
Much has changed since 1999, but much is fundamentally still the same. Parsing is still hard, hackers are still hacking, and trends tend to cycle back around. Is it possible that simple evasion techniques from 25 years ago could still be effective today? In this session, we will attempt to answer that question by walking through a (very abridged) history of security control bypasses and failures, culminating with a demonstration of antiquated techniques against modish security controls of today. When we can thread the same root causes through decades of security trends, it is clear that some lessons must either be remembered or relearned.
Trainer & Author
John Askew is an offensive security tester, software engineer, and occasional public speaker. He has performed penetration testing engagements for hundreds of clients over the past 17 years, from local banks and small businesses to Fortune 100 companies. He is passionate about learning new skills and finding creative solutions to interesting problems. Outside of work, he prefers hobbies that don’t involve a computer screen, such as outdoor running and playing the guitar.