BSides Ottawa 2019: My Talk

BSides Ottawa

Today (November 29th, 2019) I gave my talk on Chaining Web Exploits: Pwning The Kingdom. It's a true story on how simple vulnerabilities are overlooked, leaded to compromise of over 30 Universities across North Amerca. The vulnerabilities include cross-site scripting (XSS), SQL injection, Code Injection, Local File Inclusion, Remote Command Execution and, eventually full root on the server due to kernel exploits.

It was a fun talk to give, and I hope that educational insitutions will be more aware of these vulnerabilities and proactively monitor, defend against them.

You can find the slidedeck here. It's available for download freely as of today.

If you'd like to let me know your thoughts, you can email me: [[ mike ]] @ [[ ]]. Remove the [ and spaces for the proper email.

Published under  on .



I'm Mike Gervais, a cyber security analyst and software engineer based in Ottawa.