Mainframes run the world, literally. Have you ever paid for something, a mainframe was involved, flown? Used a bank? Gone to college? A mainframe was involved. Do you live in a country with a government? Mainframes! The current (and really only) mainframe OS is z/OS from IBM. If you've ever talked to a mainframer you'll get told how they're more secure because buffer overflows are (were) impossible. This talk will prove them all wrong! Finding exploits on z/OS is no different than any other platform. This talk will walk through how you too can become a mainframe exploit researcher! Remote code execution is extra tricky on a mainframe as almost all sockets read data with the ASCII character set and convert that to EBCDIC for the application. With this talk you will find out how to find and then remotely overflow a vulnerable mainframe C program and create a ASCII - EBCDIC shellcode to escalate your privileges remotely, without auth. Previous mainframe talks focused on infrastructure based attacks. This talk builds on those but adds a class of vulnerabilities, opening up the mainframe hacking community.