This presentation was recorded at GOTO Copenhagen 2022. https://gotocph.com

Joe Beeton - Senior Application Security Researcher at Contrast Security

RESOURCES
https://github.com/eclipse/jbom
https://github.com/JoeBeeton/cornflakerizer-rasp
https://github.com/welk1n/JNDI-Injection-Exploit
https://www.contrastsecurity.com/developer
https://www.contrastsecurity.com/contrast-community-edition

Joe
https://twitter.com/JosephBeeton
https://github.com/JoeBeeton
https://linkedin.com/in/joe-beeton-34b083231

ABSTRACT
Java Agents are a powerful tool to instrument or modify your application at runtime. But how do they work? In this talk, I'll be going through how they work when configured at startup as well as attaching an agent to a running process. I'll show how the underlying Java Agent API works, how it can be used to both analyse an application and modify the application using a simple example of Bytecode modification to protect against Log4J and other vulnerabilities [...]

TIMECODES
00:00 Intro
00:35 java.lang.instrument
02:21 Dynamically attaching
08:14 JBOM Demo
21:21 Static attaching
21:46 RASPs
22:29 Log4J interpolation
23:58 What is JNDI
24:54 What a malicious JNDI server can do
29:10 Patching Log4J at runtime
30:00 Vulnerability Demo
38:12 Links
38:43 Outro

Download slides and read the full abstract here: https://gotocph.com/2022/sessions/2195

RECOMMENDED BOOKS
Kevlin Henney & Trisha Gee • 97 Things Every Java Programmer Should Know • https://amzn.to/3kiTwJJ
Markus Eisele & Natale Vinto • Modernizing Enterprise Java • https://amzn.to/3EsEtZ3
Joshua Bloch • Effective Java • https://amzn.to/3ygmQJt