Sergey Temnikov

Sergey Temnikov
Sergey is an active member of Critical Infrastructure Defense Team (CID-Team) and Kaspersky Lab ICS CERT. His research interests are fuzzing, binary exploitation, penetration testing and reverse engineering. He started his career as malware analyst in Kaspersky Lab. Sergey has OSCP certification.

Talk / Workshop

License managers: The Phantom Menace

Tiny little thing that can cause huge problems - license manager. We've studied the state of security of some major vendors and custom-made ones and would like to deliver some results about three examples:
1) Gemalto License Manager - one of the most popular solutions. Used as a combination of USB token and software driver;
2) Flexnet License manager - also a very popular solution. We've identified some logical and binary vulnerabilities (up to LPE and RCE);
3) And some other license managers.

Some software solutions have Gemalto and Flexnet in their installation packages and some customization makes the state of security even worse. Such examples will be covered during the presentation.

** This talk is co-presented with Vladimir Dashchenko.

Subscribe and get our news and updates.