Talk 12:30 - 13:15 August 10, 2019

Özkan M. Akkus

I will give brief and logical answers How to find Remote Command Execution vulnerability? and How to exploit discovered vulnerability with Metasploit? in web applications. In answering these questions, I will show you my special exploits, "Webmin Unauthenticated RCE" and "ManageEngine Unauthenticated RCE" which I have not published yet. I will public these critical vulnerabilities in Defcon App-Sec Village.