Tobias Neitzel presents open source tool at Black Hat USA 2021

4. August 2021

On 5 August, Tobias Neitzel, Managing Consultant IT Security at usd HeroLab, will present his tool “remote-method-guesser: A Java RMI Vulnerability Scanner” at Black Hat USA 2021.

The international security conference is one of the largest events for IT security experts and security managers worldwide. Speakers and participants from all over the world come together annually in Las Vegas in order to exchange information on new security vulnerabilities, defense mechanisms and trends in the IT security industry. This year, the Black Hat Main Conference will take place on 4 and 5 August as a hybrid event.

We had a chat with Tobias Neitzel about his presentation:

Tobias, how does it feel to present at Black Hat?

Tobias Neitzel: It’s just an incredibly good feeling to be able to present at such a big event. Black Hat is one of the most important conferences for IT security experts and to be a part of it is a great honor for me. Two years ago, we already attended the event in Las Vegas as participants. Now to be a part of it as a speaker is a big dream come true.

What is your presentation about?

TN: My presentation is categorized in the Black Hat topic area “Arsenal”. That’ s where the latest open source tools and products are presented. In my presentation I will demonstrate my tool “remote-method-guesser (rmg)“: a Java RMI vulnerability scanner that looks for misconfigurations in Java RMI endpoints. It combines well-known techniques for identifying RMI vulnerabilities with lesser-known attack vectors that are often overlooked. In addition to detecting RMI vulnerabilities, the remote-method-guesser can perform attack operations for any supported vulnerability type.

Why do you assume your tool was selected?

TN: Java RMI has a long history of known vulnerabilities, of which unfortunately only a few are documented in detail. It is therefore difficult for end users to understand which vulnerabilities their own components may be vulnerable to and what impact this has. Tools already exist for some vulnerabilities, but these usually focus on exploiting a specific vulnerability and are less suitable for the targeted identification of vulnerabilities. The remote-method-guesser allows analysts and users to easily and efficiently scan their RMI endpoints for common vulnerabilities. This adds real value to IT security.

You will present remote from Germany instead of live in Las Vegas. How can we picture that?

TN: All presentations will take place on a virtual event platform. At the announced time, my presentation will be available to participants on the platform in the form of a pre-recorded video. Anyone interested can watch the presentation on demand at their own pace. At the same time, I will be available for questions from the community in a live chat.

Why is your presentation a must-see?

TN: Although the central topic of the presentation is of course the remote-method-guesser tool, I focused the talk mostly on Java RMI vulnerabilities. Identifying vulnerabilities is important, but understanding them is far more important. During my talk, participants will learn the basics of Java RMI as well as the most important RMI related vulnerabilities. Those who run Java RMI endpoints themselves or test them regularly will be able to put this knowledge to good use.

For those who were not able to attend Black Hat USA 2021, watch the recording here.

Also interesting:

3 Reasons for a Cloud Security Audit

3 Reasons for a Cloud Security Audit

Outsourcing applications and data to the cloud brings significant benefits for companies, but at the same time also new challenges for the corresponding IT departments. The technologies and processes of a cloud environment differ from those of local data centers....

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

During penetration tests our security analysts repeatedly uncover gateways in IT systems and applications that pose significant risks to corporate security. They increasingly identify the same vulnerabilities in different IT assets, some of which have been known for...

Security Advisory 08/2021

Security Advisory 08/2021

The usd HeroLabs pentesters have identified a vulnerability in the products of the manufacturer TIBCO while conducting their security analyses. Specifically, this is a vulnerability in the “Weak Password Requirements” category that has been classified as critical. The...