About the Speaker
Have you ever been excited to use a brand-new identity provider? Maybe an open-source one that offers a cost-effective and flexible solution? These systems can greatly enhance your organization's productivity. So far, so good, but what happens if an attacker compromises your identity provider?
In this session, we will outline our research process and our findings on two popular open-source IdPs: Keycloak and Authentik, ending in the discovery of 0-day bugs (CVE-2024-42490, CVE-2024-37905).
We will dive into two new research techniques, ORM Leaks and web race conditions, delving into their internals. This will allow any security professional to find vulnerabilities using these methods. Furthermore, we will share the story of how an information leak prompted further investigation, leading to the discovery of the ORM Leak technique.
Lastly, we will give an overview of a privilege escalation vulnerability in Authentik where any user can gain full control of the system! From there, the sky is the limit: full control over your organization's assets.
Maor Abutbul is a Vulnerability Researcher at CyberArk Labs with about 20 years of experience in the Network & Security fields.
Prior to joining CyberArk, Maor worked as a Senior Security Researcher at CYMOTIVE Technologies, where he led and conducted security research projects for various automotive vendors.
He loves constantly evolving, playing CTFs, and implementing learned methods in his research. In addition, Maor holds an engineering degree and a master's degree in communication systems engineering from Ben-Gurion University of the Negev.