The talk revolves around one of the most extreme Red team exercises us hackers ever did wherein the target was a billion-dollar pharmaceutical company dealing in all sorts of modern medicine. We were mandated to showcase control of the CROWN JEWELs which included Scientific Data Management Systems (SDMS), Electronic Lab Notebooks (ELN), Chemical Management Systems + lab Sensors and SCADA systems that control Medicine Manufacturing & Inventory Management.
The tale starts with us wardriving around a massive campus spread across several square miles, to gain access to the intranet and ends with us having complete control over Drug Formulas.
We will provide in-depth visibility of the process we carried out to PT in a completely unknown battleground, containing applications a hacker hardly ever comes across. The live case studies and PoCs aim to provide the attendees with a perspective of pwning, escalating, pivoting and exfiltrating in unfamiliar network stacks all while staying covert.
Technically, we will cover the techniques we used for breaking out of DMZs, VLAN hopping, host exploitation, persistence and misconfigurations like RMI loopholes, Misconfigured IPTABLES, Forgotten staging environments, trial software installations, and many more interesting cases. All of these were then finally chained together to take over employee emails, domain forests and gain complete access to the Chemical Management Systems potentially allowing a hacker to alter drug formulas.
This will be followed by various underutilized DATA EXFILTRATION techniques to sneak past DLPs, firewalls, AVs and of course, we will conclude with PATCHES and recommendations.
About Aman Sachdev
- Aman Sachdev is a programmer at heart and information security expert with 9+ years of experience in the Information Security Ecosystem having trained over 19000 individuals to date including college grads, corporate developers, and security professionals worldwide. His love for breaking challenging Infrastructures, Firewalls, and Defenses has landed him as a core member of numerous Red Teams and Security Engineering Teams around the globe. He is an avid speaker and has been invited to numerous international security conferences including RSA Singapore, HITB Amsterdam, Confidence Poland+London, Hack Miami, Sec-T Stockholm, LeHack Paris, and numerous others to share his research and experiences. Aman has done his Bachelor's in Computer Applications and also holds OSCP and CRTP certification apart from his vast experience in secure code development, Bug Hunting, Web & Mobile app exploitation, and corporate network penetration testing. At present, he works as a Product Security Engineer at VMware as he solves cyber security problems during the day and creates them at night.