In this week's episode it's all things RSA Conference. I'll be discussing two talks put on by Trustwave SpiderLabs researchers; one on PoS security and one on hacking SAP ASE databases. I'll also talk about our password cracking rig and how it stood up against attendee provided passwords.
Links mentioned in the show:
Building a Password Cracking Rig
David Byrne and Charles Henderson "That Point of Sale Is a PoS"
Martin Rakhmanov: "Owning SAP ASE: Chained Database Attack"
CVE-2014-6284 - "Probe" login access vulnerability in SAP ASE
Custom ASE "probe" account client
Listen to this and archived episodes on Trustwave SpiderLabs Radio or in iTunes.
Or you can download the MP3 file directly here.
Or listen right from your browser with this embedded player.