Only takes a Spark - Popping a shell on a 1000 nodes

Apache Spark is one of the major players if not the leader when it comes to distributed computing and processing. Want to analyze terabytes of business data to uncover fraud, make predictions, estimate future sales or calculate revenue ? Whip out a 200 nodes cluster on Spark and you are good to go.

This talk will show you how to get a shell on each one of these nodes! We are talking about systems that, by design, have access to business databases and S3 buckets. This is game over for most companies. I will also release a tool that will help you pentest Spark clusters, execute code and even bypass authentication (zero day).