OrangeCon

Timothy Hjort

I'm the type of guy who finds it funny when my car engine is full of glitter or when my home router runs a minecraft server. I entered the computer security field due to movies (HACKERS) and youtube videos before proceeding to study for a master of science in engineering: computer security degree. My professional experience includes being the head of IT for the student union at BTH along with part-time and now full-time work at Vulnerability Research in Outpost24. My primary interest is focused on computers, hardware, software architecture and cars.


Session

09-05
13:30
30min
An angel, python, root and config walked into a bar...
Timothy Hjort

How many times do we need to kill the NsaRescueAngel? What's up with this messed up python webserver? Why the hell did this command injection get reimplemented?! Those were my words whilst digging into ZyXEL's NAS326 firmware from which I found multiple zeroday vulnerabilities earlier this year, which this talk will use for a case study and discuss the consequences of bad design and subpar patching.

Track 2
Second track