Daan Keuper

Daan Keuper is the head of security research at Computest Security. This division is responsible for advanced security research on commonly used systems and environments.

Daan participated five times in the internationally known Pwn2Own competition by demonstrating zero-day attacks against the iPhone, Zoom and multiple ICS applications. In addition Daan did research on internet connected cars, in which several vulnerabilities were found in cars from the Volkswagen Group.


Session

09-05
11:00
30min
From WAN to NAS: A Pwn2Own Journey Through the SOHO Attack Surface
Daan Keuper

The SOHO Smashup is a famous category in the IoT focused edition of Pwn2Own. Contestants are challenged to exploit a router from the WAN side and then use that device to exploit a second device on the internal LAN. Last year, we took them up on this challenge and successfully demonstrated a 0day exploit chain against a QNAP router and pivoting to a TrueNAS system. In this presentation, we'll describe how we performed our research and the vulnerabilities we found.

Main track
Main track