This class walks through techniques for gaining system access and performing end-to-end penetration tests, and teaches you to ‘own’ the mainframe. Students are given access to a mainframe environment for the duration of the course, where they will learn to navigate the operating system and explore some of the misconfiguration targets and privilege escalation techniques. Goals for each segment will be laid out, with appropriate time afforded to students so they can gain a deep understanding of how a mainframe pentest could and should be performed.
Over 15 hands-on mainframe labs will make sure you get the time you need to put what you're learning in class into practice. The areas explored in this course include VTAM, CICS, TSO, Unix and Web. Students will be introduced to the open source tools and libraries available for all the steps of a penetration test, including Nmap, Python, Kali, and Metasploit, and will be able to write their own tools on the mainframe using REXX, JCL, C and CLISTs.
Put your mainframe hacking skills to the test as you compete in a mainframe CTF competition with your classmates. Everything you learn in class will be called upon as you try to solve over 20 challenges ranging from easy (What is OMVS) to very hard. You'll need to have been paying attention if you plan to win a prize.
We start with a simple introduction to the operating system including its history, how to navigate around, patching, accessing memory and system boot. We also cover CICS and how it's used in a typical enterprise.
Labs: Creating folders, copy/paste files. Access memory with REXX. Accessing CICS and a real CICS transaction.
After lunch we cover how security is managed on a mainframe, then we dive deep into how to write JCL, followed by REXX, C and HLASM. We end the day with a tour of the TN3270 protocol.
Labs: RACF commands and SURROGAT. REXX and C shell with JCL. TN3270 scripting and attacks.
On Day 2 we cover the steps of a pentest. Before lunch we cover reconnaissance, how to get a shell and interact with the mainframe, and enumeration once you're on the mainframe.
Labs: Nmap. FTP and JCL. REXX Enumeration.
We wrap up the training with offline password cracking and some of the many ways to do privilege escalation on a mainframe.
Labs: Crack passwords. Privilege escalation with REXX and APF.