YoVDO

Weaponizing Rsync 0Day Vulnerability

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Cybersecurity Courses Network Security Courses Lateral Movement Courses

Course Description

Overview

Explore a critical 25-year-old vulnerability in the widely-used Rsync file transfer utility that enables code execution on connecting peers, potentially leading to silent lateral movement within networks. Dive into the discovery and weaponization of this "worm-able" remote code execution (RCE) vulnerability, which allows for writing or overwriting arbitrary files on connected systems. Learn about the Rsync tool's architecture, its delta transfer algorithm, and how the PRODAFT Threat Intelligence Team uncovered this long-standing security flaw during source code analysis. Gain insights into the implications of this vulnerability for network security and understand the technical details behind its exploitation.

Syllabus

Weaponizing Rsync 0Day Vulnerability by Ege BALCI


Taught by

Hack in Paris

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network