BSides Canberra 2025

Time Traveling Exploitation: Remote Code Execution in a 10,000 Day Old Game Protocol
2025-09-25 , Royal Theatre

Journey through time and learn to reverse engineer and exploit an n-day protocol vulnerability to achieve Remote Code Execution in a game released over 10,000 days ago. We will first approach the vulnerability using only tools available to hackers in 1997, demonstrating the complete exploitation chain with period-authentic methods. Once the exploit chain is complete, we will teleport back to the future and showcase the same exploit using modern techniques and tooling, highlighting both the evolution and consistent principles of exploitation over time. Participants will learn how to analyse protocols, identify and exploit the bug, write custom shellcode, navigate older and dated tooling, and understand newer techniques and approaches. This technical deep dive provides both historical context and hands-on skills applicable to today's security challenges.

Riley has experience building, breaking, learning, and teaching across consulting and internal security teams in Australia and Europe. As the Product Owner of Adversary Simulation at NAB, he helps protect the bank by proactively doing what our tracked threat actors like to do.