Giriraj Ravichandran
Security Engineer, RedTeamOps @Freshworks - OSWE, EJPT, Rastalabs HTB, CTF Player @TamilCTF
I am Giriraj R., presently serving as a Security Engineer at RedTeamer at Freshworks. In my current role, I specialize in implementing automated solutions at an enterprise-wide level, as well as working as a Purple Teamer. I have garnered substantial recognition through my active participation and victories in numerous Capture The Flag (CTF) competitions, adopting the moniker 'Cipherlover' and collaborating with the distinguished CTF team 'TamilCTF'. My profound insights extend to Purple Teaming, cloud security, and the operational aspects of the Security Operations Center (SOC). With a passion for cybersecurity, I'm committed to fortifying digital landscapes and continuously expanding my knowledge.
Sessions
In this presentation, we will delve into the often-overlooked security risks associated with macOS (.pkg) and Windows (.msi) installer packages. Installers are a critical part of software deployment, yet they can harbor significant vulnerabilities that, if exploited, can lead to privilege escalation and remote code execution (RCE).
We will start by unpacking the structure of macOS and Windows installer packages, shedding light on their internal components and the common security flaws that can be exploited. Through real-world examples and demonstrations, we will explore how attackers can leverage these flaws to gain unauthorized access and control over systems.
Attendees will learn about the following key areas:
Understanding Installer Packages: A comprehensive overview of the structure and function of macOS .pkg and Windows .msi files.
Common Security Flaws: Identification and explanation of typical vulnerabilities found in installer packages.
Privilege Escalation: How malicious actors exploit installer flaws to escalate privileges on both macOS and Windows platforms.