This year I had a pleasure to present few of the topics from my research during The Hack Summit Conference in Poland[1, 2, 3]. This time we (mostly;)) talked about one preauth RCE bug I found in ConQuest DICOM server (1.5.0d). Below you'll find more details about it. Here we go...
This time we'll start here:
Environment
If you'd like to recreate this 'pentest scenario' in your mini-LAB - this time I used:
- Windows 10 VM
- ConQuest DICOM Server (1.5.0d)
- Ubuntu 20 VM (with python3).
Details
To not spoil it too much - below you'll find video from TheHackSummit 2023 Conference *(PL only):
Demo presented during THS2023 Conference is attached below:
Few more details about poc for this bug you can check here.
Remember to use it only for legal purposes.
See you next time! ;)
Cheers
Brak komentarzy:
Prześlij komentarz