
Mainframe Fuzzing and Debugging

(1AG)

Stream: Virtual Room 1
Time: 09:00 - 10:00


Presentation

The best method for preventing vulnerable code from being created is using secure coding styles. However, for various reasons, e.g. code refactoring, miscommunications and mistakes, vulnerabilities can slip through. We should aim to "fuzz" our code before shipping it, especially code which runs APF authorised.

Fuzzing involves throwing a lot of input at the program, including input that a regular user would not use. This could involve variations on the intended input, e.g. add a character, edit a byte, send nulls, send a massive input. It could also include sending completely "weird" inputs.

If any of these inputs causes an unexpected abend like U4083, S0C1 or S0C4, we should investigate it to make sure nothing dangerous is happening. Various debugging tools are available on z/OS; this talk will use TSO TESTAUTH. TSO TESTAUTH is used because it can debug APF programs, and because it can debug both MVS and UNIX programs (the latter if copied to MVS and CEEOPTS is set up correctly).
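An added example (not from the talk or its demo): a seeded generator for the input variations listed above, plus a campaign loop that records which cases end in one of the abend codes the abstract names. `toy_target` is a hypothetical stand-in for running the program under test and returning its completion code; the seed input and the 16-byte limit are constructed.

```python
import random

TRIAGE_CODES = {"S0C1", "S0C4", "U4083"}  # abends the text says to investigate

def mutate(seed: bytes, rng: random.Random, big: int = 65536) -> dict:
    """Return one test case per variation named in the text, keyed by label."""
    if not seed:
        raise ValueError("seed input must be non-empty")
    pos = rng.randrange(len(seed))
    edited = bytearray(seed)
    edited[pos] ^= 1 << rng.randrange(8)            # edit a byte: flip one bit
    weird_len = rng.randrange(1, 4 * len(seed) + 1)
    return {
        "add_char": seed[:pos] + bytes([rng.randrange(256)]) + seed[pos:],
        "edit_byte": bytes(edited),
        "nulls": b"\x00" * len(seed),
        "massive": seed * (big // len(seed) + 1),   # at least `big` bytes
        "weird": bytes(rng.randrange(256) for _ in range(weird_len)),
    }

def needs_triage(code) -> bool:
    """True for the abend codes of interest; accepts the common 'SOC4' spelling."""
    if code is None:
        return False
    return code.upper().replace("SOC", "S0C") in TRIAGE_CODES

def campaign(target, seed: bytes, rounds: int, rng_seed: int = 0) -> list:
    """Run every mutation `rounds` times; keep the first input per (label, code)."""
    rng = random.Random(rng_seed)                   # fixed seed: runs are reproducible
    findings, seen = [], set()
    for _ in range(rounds):
        for label, case in mutate(seed, rng).items():
            code = target(case)
            if needs_triage(code) and (label, code) not in seen:
                seen.add((label, code))
                findings.append((label, code, case))
    return findings

def toy_target(data: bytes):
    # Hypothetical stand-in: models a program that abends with S0C4 on input
    # longer than 16 bytes. A real harness would run the program under test
    # and return its completion code (None for a clean end).
    return "S0C4" if len(data) > 16 else None

if __name__ == "__main__":
    for label, code, case in campaign(toy_target, b"PARM=HELLO", rounds=20):
        print(f"{label}: {code} with {len(case)}-byte input")
```

Keeping the exact bytes of each recorded case matters, because the debugging step needs the same input to reproduce the abend.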

An example vulnerable APF authorised C program has been created. The talk will show a demo of how to fuzz this program. After confirming that an abend is caused with a certain input, this talk will then use TSO TESTAUTH to debug the program to show exactly how the abend is being caused. With this information, it will then be shown how a malicious user could gain code execution.


Speakers


  • Jake Labelle at F-Secure
  • Hi, I'm Jake Labelle, an associate security consultant at F-Secure. In my spare time, I like to tinker and reverse engineer z/OS binaries, and over the last year I have had a lot of spare time. I have found and reported a number of security vulnerabilities in z/OS binaries to IBM. For the past year and a half, I have been getting a crash course in all things mainframe, and seem to learn something new every week. Hopefully, I will bring a unique perspective on mainframe security.


    Email: southampton.jake.labelle@gmail.com
