Wednesday 

Room 3 

16:20 - 17:20 

(UTC±00)

Talk (60 min)

ToolShell, Patch Bypass, and the AI That Might Have Seen It Coming

In mid-May 2025, during ZDI’s Pwn2Own contest in Berlin, a researcher chained together two SharePoint vulnerabilities, later named “ToolShell” (CVE-2025-49704 and CVE-2025-49706), to achieve remote code execution on a SharePoint server. Following Microsoft’s patch on 8 July 2025, threat actors began reverse engineering the fix to target unpatched systems. Shortly afterwards, Microsoft also acknowledged that the initial patch was incomplete, and the media announced exploitation of the bypasses without having any evidence. A follow-up emergency patch was issued over a weekend to resolve the issue. Meanwhile, there was much debate about whether the exploit had been leaked and used before anyone knew about it.

AI/ML
Application Security
Bug Bounties
Design
Fun
Testing
Security Tooling

This technical session walks through the full incident: what was exploited, what failed, and how. We will examine the vulnerable code paths and explain how the authentication mechanism was bypassed. We will also look at why the first patch was ineffective.

Taking a historical lens, we will trace the issue back through earlier SharePoint versions including 2010 to understand how it may have originated. A live demo will then explore how AI tools could have assisted in patch diffing and dynamic analysis to identify the exploit code after the initial patch, and whether AI could have flagged the bypass when given the new code changes along with public research and exploit data.

Finally, we will discuss the official workarounds that were recommended, how they could be circumvented, particularly in the context of ASP.NET and IIS, and offer practical suggestions for building more resilient mitigations against similar attacks in the future.

The audience will take away the following:

  • Understand how the ToolShell (CVE-2025-49704/49706) SharePoint vulnerability chain and its bypass worked.
  • See how the attack unfolded and how to craft detection signatures based on its behaviour.
  • Discover how AI tools can assist in patch diffing and exploit detection.
  • Gain practical strategies for defending against similar future threats in ASP.NET and IIS environments.

Soroush Dalili

Soroush is a distinguished web application security expert with over 20 years of experience specialising in web application security testing, vulnerability discovery, security source code review, and penetration testing. He has contributed numerous security advisories to industry giants such as Microsoft, Mozilla, Adobe, Yahoo, and Facebook. Soroush's expertise has been showcased through speaking engagements at security conferences and events, including AppSec EU, SteelCon, BSides Manchester, and HackPra.
Soroush has also developed a widely-adopted testing methodology for financially-oriented web applications, which is utilized by security testers across the globe. Soroush may also be recognized for his discovery of the IIS semicolon vulnerability and the IIS Short File Name Disclosure vulnerability. In recent years, he has served as a judge for the Top 10 Web Hacking Techniques alongside esteemed industry experts such as James Kettle.

Pedram Hayati

Dr Pedram Hayati is the founder and CEO of SecDim, where he makes secure coding second nature for developers. As a researcher across both offensive security and application security, Pedram has:

* Published 25+ zero-day advisories since 2005
* Reported thousands of vulnerabilities to Fortune 500 companies
* Led the global penetration-testing unit at the world’s second-largest defence contractor

Holding a PhD in Information Security & Machine Learning, Pedram lectures postgraduate cyber-security at the University of New South Wales – Australian Defence Force Academy (UNSW ADFA) and founded SecTalks.org, a multinational non-profit security community with more than 25 000 members. His research regularly features on the global stage at Black Hat, DEF CON, FIRSTCon, NDC, and OWASP AppSec.