Écoutez la diffusion
During the COVID-19 pandemic students across the country started to participate in e-learning for the first time. While the students had to adapt to new environments so did the software. Since school computers are now being taken home, educational software is exposed to a wider range of threats. If classroom management software was comprised, not only would a school district be affected, but attacks could spread to home devices. This talk will take an in-depth look at the zero-day vulnerabilities discovered by McAfee’s Advanced Threat Research Team in a K-12 classroom management solution used in over 9,000 school districts. The focus will be on how four vulnerabilities combined lead to a wormable unauthenticated remote code execution (RCE) resulting in System level privileges. This presentation will include a technical dissection of the network protocol leading to custom Scapy layers and a demo showing a single click exploit.
A deep dive of how four zero-day vulnerabilities in an educational management software can lead to a wormable unauthenticated attack allowing an attacker to gain system level privileges on every student computer on a network. This talk will cover the thought process and technical details of reverse engineering network traffic, creating custom Scapy layers, and the development of a single click exploit.