About that time I almost hacked DEFCON.
2024-08-16, 13:30–14:30, Main stage
Language: English

What happens when a 23 year old finds the keys to thousands of servers, containing millions of user details? A real hacker story about the dilemma of doing the right thing, the wrong thing, or nothing. (contains adult topics, not for kids).


In 2010 I stumbled upon a flaw in a web gallery software that allowed me to upload and run my own scripts. One of the affected servers was the image gallery of the DEFCON security conference. This is the story of how I found the bug (with a first time ever public disclosure of it), how the developer handled it, how DEFCON handled it, and how I handled it.

This talk mentions adult topics and is not intended for children's ears.
This talk will be disclosing a 10 year old 0-day (kind of)

I expect it takes about an hour to tell the story and have some time for Q&A.