uCon Security Conference 2009


Speakers

The complete schedule will be announced soon.


Keynote: Dispelling the myths and discussing the facts of global cyber-warfare
Jayson Street

There is a war being raged right now. It is being fought in your living room, in your dorm room, even in your board room. The weapons are your network and computers, and even though it is bytes, not bullets, whizzing by, that does not make the casualties less real. We will follow the timeline of Informational Warfare and its impact today. We will go deeper, past the media hype and common misconceptions, to the true facts of what's happening on the Internet landscape. You will learn how the war is fought, who is fighting, and who is waiting on the sidelines for the dust to settle before they attack.


Jayson E. Street is Chief Information Security Officer at Stratagem One and Assistant VP Information Security at A National Bank. In the past he acted as a consultant for the FBI and the US Secret Service as well as guest speaker at several law-enforcement events. Jayson has been interviewed by Forbes and Scientific American regarding his research on the issue of cyber-warfare. He is also on the SANS GIAC Advisory Board, and his affiliations include Oklahoma ISSA, Infragard, OSVDB and the SNOSoft research team.

Practical (Introduction to) Reverse Engineering
Julio Auto, Independent researcher

A journey through two sides of Reverse Engineering: the basic and the advanced. Covering essential concepts and demonstrating practices used in the real world, this presentation aims to equip the audience with enough knowledge to start practicing reverse engineering immediately and achieve real, tangible, and useful results.


Julio Auto is an independent security researcher, a "hobby" he pursues in his spare time from his job as a software engineer at one of the largest Brazilian technology R&D companies. As part of his personal research, Julio works on the development of the ERESI project (http://www.eresi-project.org/), which, among other things, has already earned him a track record as an international speaker, having presented at conferences such as H2HC, Ekoparty, and Black Hat Europe. Julio Auto holds a bachelor's degree in Computer Science from UFPE and supports the writing of The Bug! Magazine, the appreciation of beer, and the production of quality music.

Intro to Windows Kernel Security Development
Stephen Ridley, Matasano

There is very little salient material about Windows kernel auditing and kernel exploitation techniques. This is probably due to the nature of the security industry these days. Bugs are getting harder to find, so techniques tend to be closely held. There have been some "primer" presentations on Windows kernel security and some very specific kernel exploitation presentations on specific bugs. This presentation is more about "lessons learned" while developing kernel security auditing tools for the Windows kernel. Three specific original tools were written (and will be released with the presentation along with source code).

1. A Kernel-space shellcode test harness (called KHD)
2. A light-weight Kernel-space "detours"
3. A light-weight Kernel-space "NT Object sniffer".

This presentation will also cover a bit on reverse engineering drivers with IDA, and some of the "gotchas" there, such as identifying and reversing DRIVER_OBJECT dispatch functions from kernel drivers. It will also cover and demo some "kernel shellcoding" techniques and interesting things found within the layout of the kernel. The presentation is targeted at those new to kernel security auditing and kernel security tool development. Source code for all the original tools released, as well as notes and links to reference materials, will also be made available. The goal is for this presentation to be a "one stop shop" for an introduction to Windows kernel security development (fuzzing, shellcoding, etc.). Some discussion of public tools (Kartoffel, etc.) will also be a small part of the presentation.


Stephen A. Ridley is currently Senior Security Researcher for Matasano Inc. He was formerly a Senior Security Architect at McAfee and at Aegis Research (now ManTech Security and Mission Assurance) supporting the U.S. Defense and Intelligence communities. He lives in Manhattan, NY.

Advanced Payload Strategies: What is new, what works and what is hoax?
Rodrigo Rubira Branco (BSDaemon), CheckPoint / COSEINC

This presentation focuses on the shellcode perspective and its evolution. From the simplest {shell}code to polymorphism for bypassing filters and I{D|P}S (with several new ideas, such as application-specific decoders, decoders based on architecture-specific instructions, and others), through syscall proxying and injection, this talk will explain how they work and how effective they are against new technologies such as network code emulation, with live demonstrations. The first text on shellcoding was written a long time ago. Most of the more recent articles try to explain the structure of the assembly, and many ideas were only released as code, never detailed and explained. This talk will try to bridge that gap, showing some new ideas and taking different architectures into account.


Rodrigo Rubira Branco (BSDaemon) is a Security Expert at Check Point Software Technologies and Vulnerability Research Senior Consultant at COSEINC's Vulnerability Research Lab (VRL). He worked as a software engineer at IBM, as a member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC). He maintains several open-source projects and has spoken at the world's most important security conferences. Rodrigo is also a member of RISE Security (www.risesecurity.org).

Advanced SQL Injection
Joseph McCray, Rapid7 / LearnSecurityOnline.com

SQL Injection is a vulnerability that is often missed by web application security scanners, and it's a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploited.

Advanced SQL Injection is a presentation geared toward showing security professionals advanced exploitation techniques for situations when you must prove to the customer the extent of compromise that is possible. The key areas are: IDS evasion, privilege escalation, re-enabling stored procedures, obtaining an interactive command-shell, data exfiltration via DNS.


Joseph McCray is currently Assessment Practice Manager at Rapid7 and founder at LearnSecurityOnline.com. He was formerly a U.S. Army Information Assurance Network Engineer (Multi-National Forces Iraq), performed IA network assessments for U.S. Army installations, assisting with several Secure Network Architecture deployment initiatives and with the deployment of several IDS/IPS systems. He also had a position as Intrusion Analyst for the U.S. Army Regional Computer Emergency Response Team.

Joseph is currently teaching courses at Johns Hopkins University (JHU), University of Maryland Baltimore College (UMBC) and universities and training centers around the United States.

Secure Log Centralization, Analysis & Security Visualization
Gustavo Monteiro, Independent researcher

The challenge of ensuring that the information contained in logs is transferred across the network and reaches a central log server correctly and unmodified is one of the crucial steps for successful log analysis. This presentation focuses on how to perform transfer and storage in a potentially hostile network. The talk starts with the early days of log analysis, goes through the attacks that could compromise the availability and integrity of logs, and ends with a demonstration of Splunk, introducing the concept of security visualization.


Gustavo Monteiro is an undergraduate student in Computer Science at the Universidade Católica de Pernambuco. In the past he worked in penetration testing, and in recent years he has been working on log analysis and event correlation for security management.

GSM For Fun and Profit
David Batanero, Independent researcher

What happens when you pick up your mobile phone? Are your calls secured? How can you improve your privacy? How secure is your smartphone/mobile phone? Is your mobile network reliable? Why not use encryption for your conversations? Why not use a PBX? Is it secure to use VoIP? If you find a mobile phone, why not do forensics on it? I will try to answer these questions. As part of the presentation I will show a live demonstration of GSM traffic sniffing on a mobile phone, and what it is possible to do with it.


David Batanero has been involved in GSM security research for about eight years. He has spoken at some security-focused conferences including G-Con II, G-Con III, Caixanova-Tecnoatlantico, and has given lectures at universities in Colombia and Spain. He currently works as coordinator for a line of telecommunications products in a multinational.

Exploiting PDF Readers
Felipe Andres Manzano, Independent security researcher

I've been playing with PDF embedded formats for around a year now, and I have coded a couple of tiny libraries that enable the creation of "nasty" PDF files from scratch. I'd like to show a really small Python lib that allows the construction of simple PDFs, clearing the way for the coding of specific fuzzers. To keep it from being a complete mind trip, I will show how to actually build trivial PDFs, and how to make a fuzzer out of it, targeting some arbitrary embedded tags. Finally, I'll try to transmit the fear of PDF files by 'explaining' a complete -not-stack-based- exploit for some known vulnerability (presumably #OCERT-2008-007).


Felipe is an independent security researcher mainly focused on software vulnerabilities. He is also a nine-to-fiver Software Engineer at an undisclosed company. In the past he enjoyed being part of the Exploit Writers Team at CORE Security Technologies and before that an nmap ninja at flowgate.net. Prior to obtaining his BSc in Computer Science at Universidad Nacional de Rosario, Argentina, he took his first steps in security adding MLS to a Linux kernel FS for a university-hosted R+D project.

Ut cognitione visus: ut ipso intellecto - BinNavi v2
Tiago Assumpção, zynamics

Complexity and synthesis. Two nouns that often pair up since people started crafting artificial languages to describe sophisticated systems.
To the linguist, a "synthetic language" is one with a high ratio of semantically meaningful pieces (morphemes) marshalled throughout its lexicon.
When a lot is to be said -- by means of a compact structure --, collection, organization and comprehension represent an epic movement to the interpreter. Often an epic fail.

This is what reverse engineering modern software is. And this is the case wherein BinNavi posits a tuning to human cognition. If you happen to not be a philosopher but, rather, a software hacker, this speech, too, targets you: interact with binary code and with "hidden" data structures as they were part of your ordinary speech. Dead or live analysis by means of scripting and visualization. Be able to abstract an executable file: be it the language structure, via the RE intermediate language, or be it the program flow, assisted by graph-theoretic and data modeling procedures.

Be you the philosopher or the hacker, be your analysis experience utterly shifted.

The above, all too wordy? Sit back and watch the pretty pictures come together in a full blown 0day exploit.


Curious and enthusiastic about, basically, everything. Tiago has found that he enjoys certain things more than others: fine wines, single malts, pens and panama hats. Less materialist objects such as Bas Alberts, Literature and Logic.

When approaching the ground, at zynamics, he's been thinking about program analysis and visualization, reverse engineering, bug-hunting and hugging.

Ordinarily, Tiago is at Poetry and in the Classics. He studies Classical Languages at the Federal University of Paraiba (UFPB) while, he insists, "Rhetoric and Literature can tell more, in a sounder manner, than Mathematics."

Sponsors

Platinum

braslink conviso

Gold

immunity

Silver

geekworld especializa h2g matasano


Media Partner

hakin9
