★ TALK ★

Zach Hanley

Zach Hanley

Rust Won't Save Us: Finding and Exploiting 0-days in Security Appliances

  Friday, 23 February

  45 mins


Increasingly threat actors are moving off of Windows endpoints and into places less visible like appliances. An analysis of CISA’s Known Exploited Vulnerabilities from 2023, and recent years, reveals that threat actors are targeting and exploiting appliances with both known vulnerabilities and 0-days of their own.

This talk covers the vulnerability research process used to discover 16 vulnerabilities across three different security appliances in the Fortinet product line. From command injection, SQLi, file reads, and more, this journey started what I dubbed the 'Forti Forty', a goal (cut short) to find 40 CVE’s in Fortinet appliances.

Attendees can expect to walk away with a general overview of how to approach reverse engineering security appliances, methodology used in reviewing large systems and code bases, and the common pitfalls that developers make in these complex systems.

Zach Hanley has been hooked on exploit development and offensive security since introduced to the world of hacking as an On-Net Operator for DoD and IC organizations. He’s since developed implants and exploits for both the government and commercial sector and competed in Pwn2Own. He currently is a vulnerability researcher and attack engineer for Horizon3.ai.