Titanium Sponsors

Inquest

Inquest

Platinum Sponsors

Leonardo DRS

Leonardo DRS

Gold Sponsors

Modern Technology Solutions, Inc.

Modern Technology Solutions, Inc.

University of Dayton
Department of
Computer Science

University of Dayton - Department of Computer Science

Gluware

Gluware

Social Media

Our LinkedIn Group: OISF at LinkedIn


OISF on YouTube: OISF on YouTube


Meeting Agenda - October 9th, 2014

9th October 2014

6:00pm:

Food and drinks served

Introduction

A brief overview of the Ohio Information Security Forum.

Presentation: Penetrate your OWA

By: Nate Power

Abstract:

Outlook Web Access is one of the most widely deployed web apps in corporate environments. Nate has discovered and leveraged various security holes to learn about the company's internal network as the exchange configuration.

Bio:

Nate Power is a pen tester and security researcher at CDW. He's an expert at web application testing and seeking out vulnerabilities in common frameworks. He's spoken at DerbyCon, Passwords Con, and other security conventions.

Discussion: $ env x='() { :; }; echo /bin/bash "echo #shellshock"

By: Robby Stewart

Abstract:

Recap of the past few weeks and the revelations of the biggest security hole to be exposed this year!!!!! (aside from that whole openssh nonsense...) Bring your spoon because we're going to take a dip into some tasty shells (minus the cheese) and talk about how bash has gone vulnerable to a pretty big hole for some time now.