Weaponizing Rsync 0Day Vulnerability
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore a critical 25-year-old vulnerability in the widely-used Rsync file transfer utility that enables code execution on connecting peers, potentially leading to silent lateral movement within networks. Dive into the discovery and weaponization of this "worm-able" remote code execution (RCE) vulnerability, which allows for writing or overwriting arbitrary files on connected systems. Learn about the Rsync tool's architecture, its delta transfer algorithm, and how the PRODAFT Threat Intelligence Team uncovered this long-standing security flaw during source code analysis. Gain insights into the implications of this vulnerability for network security and understand the technical details behind its exploitation.
Syllabus
Weaponizing Rsync 0Day Vulnerability by Ege BALCI
Taught by
Hack in Paris
Related Courses
NetflOSINT- Taking an Often-Overlooked Data Source and Operationalizing It - Joe Gray - Hack in ParisHack in Paris via YouTube All Roads Lead to OpenVPN Pwning Industrial Remote Access Clients - Sharon Brizinov - Hack in Paris - 2021
Hack in Paris via YouTube Exploits in Wetware - R. Sell - Hack in Paris - 2019
Hack in Paris via YouTube All Your GPS Trackers Belong to Us - C. Kasmi, P. Barre - Hack in Paris - 2019
Hack in Paris via YouTube In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass - E. Carroll - Hack in Paris - 2019
Hack in Paris via YouTube