Sebastiaan Groot
Sebastiaan is an Ethical Hacker at KPN with an interest in binary analysis and exploitation, system security and breaking programs in general. Before that, he worked as an incident responder and forensic analyst at KPN-CERT. Whenever opportunity arises, he can be found at CTF events.
Session
A Steering of Roaming (SoR) solution in the telecom world is a component used by mobile network operators to manage which networks their subscribers connect to when roaming in other countries. While fuzzing a globally used SoR component, we discovered a remote code execution vulnerability that could be exploited from the position of other telecom operators. In this talk we want to take you with us on the journey from fuzzing setup to crash discovery, initial exploitation all the way to overcoming the network isolation and protocol constraints to craft a exploit that allows for two way communication.