The Java Agent: Modifying Bytecode at Runtime to Protect Against Log4J • Joe Beeton • GOTO 2022

This presentation was recorded at GOTO Copenhagen 2022. #GOTOcon #GOTOcph
https://gotocph.com

Joe Beeton – Senior Application Security Researcher at Contrast Security

RESOURCES
https://github.com/eclipse/jbom
https://github.com/JoeBeeton/cornflakerizer-rasp
https://github.com/welk1n/JNDI-Injection-Exploit
https://www.contrastsecurity.com/developer
https://www.contrastsecurity.com/contrast-community-edition

Joe
https://twitter.com/JosephBeeton
https://github.com/JoeBeeton
https://linkedin.com/in/joe-beeton-34b083231

ABSTRACT
Java Agents are a powerful tool to instrument or modify your application at runtime. But how do they work?
In this talk, I’ll be going through how they work when configured at startup as well as attaching an agent to a running process.

I’ll show how the underlying Java Agent API works, how it can be used to both analyse an application and modify the application using a simple example of Bytecode modification to protect against Log4J and other vulnerabilities […]

TIMECODES
00:00 Intro
00:35 java.lang.instrument
02:21 Dynamically attaching
08:14 JBOM Demo
21:21 Static attaching
21:46 RASPs
22:29 Log4J interpolation
23:58 What is JNDI
24:54 What a malicious JNDI server can do
29:10 Patching Log4J at runtime
30:00 Vulnerability Demo
38:12 Links
38:43 Outro

Download slides and read the full abstract here:
https://gotocph.com/2022/sessions/2195

RECOMMENDED BOOKS
Kevlin Henney & Trisha Gee • 97 Things Every Java Programmer Should Know • https://amzn.to/3kiTwJJ
Markus Eisele & Natale Vinto • Modernizing Enterprise Java • https://amzn.to/3EsEtZ3
Joshua Bloch • Effective Java • https://amzn.to/3ygmQJt

https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#Java #Security #JavaSecurity #JBOM #JavaAgent #Bytecode #JavaEcosystem #RASP #JVM #JCP #Java8 #JDK #Log4j #npm #Gradle #Maven #JoeBeeton

Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
Sign up for updates and specials at https://gotopia.tech/newsletter

SUBSCRIBE TO OUR CHANNEL – new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1