
Russian hackers in Poland, or CONFidence 2012



Hello, everyone! Today we would like to talk about our trip to the information security conference CONFidence, which was held on May 23-24 in Krakow, Poland. This year the conference was held for the 10th time. This trip report will be rather unusual, because the four of us wrote it together, and partly during the conference itself. But first things first.

About a month before the conference, we submitted our current research (“Light and Dark Side of Code Instrumentation” and “How to hack VMware vCenter server in 60 seconds”), which we (d1g1, jug and d00kie) conducted as part of our work at the Digital Security Research Center, to the conference CFP. Our friends Andrei Petukhov and Karim Valiev (from Moscow State University) submitted a talk titled “You can’t believe blind”. These talks successfully passed the selection committee, and we all went to Poland (Alexey Sintsov, unfortunately, was unable to go for personal reasons). We chose the route St. Petersburg - Warsaw - Krakow, and our friends from Moscow took a direct flight to Krakow.
It should be noted that our research center has already been selected several times at CONFidence:



Well, now let's move on to the event itself. We will try to convey the atmosphere of CONFidence, but, of course, to feel it fully you have to attend it at least once. The specialists of the Digital Security Research Center have a lot of experience attending international information security conferences, so I can say with certainty that CONFidence is clearly different from all the others.

So, upon arrival at the Krakow airport, we were met by a lovely girl, Justin (in general, three wonderful girls helped the speakers during the conference: Justin, Edith and Caroline). At the same time as us, the legendary John Draper, also known as “Captain Crunch”, flew in from Los Angeles via Frankfurt (his journey took 10 hours). For those who do not know who Captain Crunch is: this is the man who invented the Blue box and taught Steve Jobs and Steve Wozniak how to make it (they then sold it, like Kevin Mitnick). This device was used by phreakers to make free calls around the world.



While we were driving to the hotel, he told us a lot of interesting things about his past. It turns out that he was in Russia in 1989, at some kind of academic conference, where he told Soviet scientists about computers. We were struck by the fact that, despite his venerable age, he is full of furious energy. He is an avid visitor to Burning Man, loves to listen to psychedelic trance, goes to raves, and even DJs. You could write a whole separate article about him! And we think that a book and a film about him are just around the corner.

All invited speakers lived in the four-star hotel Galaxy, within walking distance of the city center.



Speakers were taken by car to the conference every morning. It took place not in Krakow itself, but in its suburbs, out in the countryside, in the building of a former water treatment plant from the times of the Great Patriotic War.



The speakers had their own VIP-room, where they could sit quietly, prepare for their performance or just chat and eat. This room was located in a nearby tower.



This time the conference was styled in a Soviet, proletarian theme, which could be seen from the badges and posters.



At the conference there were two parallel tracks in two large darkened rooms with beautiful lighting. Hall for the first track:



Hall for the second track:



We will not write about the talks themselves in detail, since all presentations are already available on the CONFidence website. The conference program is striking for the number of talks by Americans: I remember at least 5 of them. Talking with the speakers themselves reveals an interesting fact: none of them are at CONFidence for the first time. Of course, we all know that every conference has its own so-called “tusa”, a crowd of regulars that keeps coming back. The question is different: how did regular speakers from DEF CON and Black Hat in the USA end up there? The answer became obvious to us by the end: it is the organizers' attitude towards the speakers, plus the atmosphere and the level of the conference itself.



The atmosphere at the conference is very homely: everyone is actively getting to know each other, talking and exchanging experience. In general, the Poles are very kind people. However, this was probably helped by the excellent weather, fresh air and beer at the bar. I personally had a great conversation with the author of the once sensational exploit for a vulnerability in the .HLP file of Windows. It is also worth noting that this is not the first year that people from other countries have come to this conference not only as speakers, but also as visitors.

Any conference is always an opportunity to talk with the community, meet someone interesting, and improve your conversational English and listening comprehension. One memorable holy war took place at the end of the first day, after the welcome party, between two representatives of academic circles and one practitioner. He told us how cool it was that he had been bypassing the Barracuda WAF (a signature-based WAF that works on blacklists of bad patterns) for two years in a row, and that he makes a living that way. Sandy 'Mouse' Clark and I said that bypassing blacklist filtering is monkey business. Especially considering the fact that all HTTP servers have their own HTTP parser, which is prone to quirks such as HPP and HPC. Accordingly, the intermediate parser can usually be bypassed with knowledge of the features of the target parser on the web application side ... We shouted at each other a lot. In the morning we laughed about it :)



Lunch at CONFidence deserves a separate mention! A wonderful outdoor lunch with a huge amount of kebab, chicken, lula kebab, etc.



At one of the dinners for the speakers, we managed to talk to a man from the Core Group company, one of the organizers of the X-traction point. He said that they run trainings at BlackHat on physical penetration testing, where they talk about locks, alarms and unauthorized entry into premises, thereby raising awareness of physical security. These courses are very popular with government officials.

Foreigners are very interested in the Russian hacker community. They told us a lot about how they sit on our forums and try to translate posts via Google Translate. In their eyes, we have a very closed community and a lot of good, exclusive material. We were very pleased that they know the conference we organize, ZeroNights, and are going to attend it this year.

It is worth noting that this Polish conference was packed with so many activities that it looked like a festive fair with a lot of rides: if you want, play Karateka on an Atari; if you want, play Mortal Kombat 5 on PS3 (someone from our delegation became MK champion); if you want, take part in outdoor activities such as shooting or bypassing motion sensors and surveillance cameras. And of course there were crackmes, a CTF and all sorts of hack quests; what would a conference be without them. Add to this sunny weather outside, beer and a grill within walking distance, and skillful DJing (the guys played extremely well-known tracks by AC/DC, Metallica, Rammstein, Nightwish, Guns'n'Roses, etc.), and you get an event you want to return to, whether as a speaker or just as a spectator.



We would also like to talk about the unusual competition X-traction point. On the conference grounds there was an abandoned bunker from the Second World War, where this competition was held. The idea was that the participants needed to get into the bunker and rescue a pretty girl. But it was not so easy, as the bunker was equipped with security systems, alarms, locks, surveillance cameras, turrets and security guards. Participants had to apply skills in breaking locks, computer networks and alarms, and in shooting. The winner is whoever rescues the girl from the bunker the fastest while remaining unnoticed. All participants had video cameras, and you could watch the action on a live stream.



As for the cultural program, Krakow is a very beautiful old city. The symbol of the city is a dragon, and there are a lot of them here.



P.S. Coming soon: reports on our specialists' trips, with their new research, to the security conferences Just4meeting (Carcavelos, Portugal) and BlackHat USA (Las Vegas, USA).

Source: https://habr.com/ru/post/145872/

