BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.troopers.de//tr26-cfp//talk//3RETQ9
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-tr26-cfp-3RETQ9@cfp.troopers.de
DTSTART;TZID=CET:20260625T131500
DTEND;TZID=CET:20260625T141500
DESCRIPTION:Microsoft Dataverse lets you deploy custom .NET plugins that ru
 n server-side in process-isolated Windows Server containers. We deployed o
 ne. Within minutes we had SYSTEM on the box\, a full LSASS dump\, NTLM has
 hes\, DPAPI master keys\, a production TLS private key for Microsoft's san
 dbox infrastructure\, internal Microsoft tenant IDs\, 52 other customers' 
 organization GUIDs\, and 46 proprietary Microsoft DLLs that were never mea
 nt to leave that container.\n\nBy decompiling those DLLs (nearly 14\,000 C
 # source files)\, we reverse-engineered the gRPC protocol that the sandbox
  uses internally\, discovered every method is unauthenticated\, and built 
 custom tooling to call them. That path eventually led us to explore cross-
 tenant code execution\, though we'll be honest about what we could and cou
 ldn't prove there.\n\nThis talk is about what you can pull out of a cloud 
 sandbox when the defaults are too permissive\, and how a pile of exfiltrat
 ed DLLs turned into a much bigger problem than anyone expected.
DTSTAMP:20260510T030751Z
LOCATION:Track 2
SUMMARY:Popping Microsoft's Sandbox: What Falls Out of a Dataverse Containe
 r - Simon Maxwell-Stewart
URL:https://cfp.troopers.de/tr26-cfp/talk/3RETQ9/
END:VEVENT
END:VCALENDAR