First PHDays III workshops: cyber investigations, attacks on SAP and Windows kernel
The guests of the Positive Hack Days III forum are waited not only by interesting reports, contests and CTF competitions, but also numerous master classes. Hands-On Labs on PHDays are practical exercises that take place under the motto “less words, more action”. Under the guidance of information security gurus from around the world, students are deeply immersed in the topic and do practical tasks in the field of information security with their own hands. To take part in classes, you just need to have basic training, a craving for new knowledge and bring a laptop with you.
The master class is dedicated to ensuring the security of web applications throughout the development cycle. During the lesson, practical approaches to identifying and eliminating vulnerabilities in the code developed in accordance with the recommendations of the Microsoft Security Development Lifecycle will be considered. The practical lesson will be interesting for web application developers and researchers who want to gain skills in constructing secure code and analyzing the security of complex projects using the white box method. The master class is based on Microsoft ASP.NET (Web Pages, Web Forms, MVC, Entity Framework, SignalR), however, it contains a minimum of environmental specifics and will be of interest to specialists who work with other web technologies stacks. Different classes of vulnerabilities will be presented on examples of zero-day vulnerabilities in popular products, web engines and web-based training applications.
In the course of the practical part, the most interesting attacks will be demonstrated, as well as all the considered techniques and methods of working with the code.
')
Moderator: Vladimir Kochetkov - expert of the Positive Technologies research center. He specializes in analyzing the source code of web applications and researching the security technologies of Microsoft. The developer of tools for automating tasks of analyzing the security of web applications, is a member of the PHDays HackQuest development team. In his spare time, he takes part in a project to develop a programming language Nemerle.
Forum participants will be presented with an in-depth analysis of the capabilities and internal sqlmap mechanisms. In one master class combined consideration of the functional features that have resulted from many years of hard work and thoughtful work with the needs of numerous user communities, and features hidden from view, the existence of which no one even thinks about.
Moderator: Miroslav Shtampar is a professional software developer and information security researcher. He is currently working on a doctoral thesis on the topic of security and organization of parallel data processing. He received the certificate of Microsoft Certified Solution Developer for Microsoft .NET in 2007 and since then has been working at AVL (www.avl.com), the world's largest privately owned company developing power transmission systems with internal combustion engines, as well as measuring equipment and systems diagnosing. In an effort to address security-related issues, he was one of the authors of the well-known open-source project sqlmap (www.sqlmap.org), dedicated to the automatic detection and exploitation of vulnerabilities like "Execute SQL-code", and since December 2009 has been constantly involved in its development. .
Hands-On Lab to investigate network incidents:
Hands-On Lab to investigate incidents using memory data:
Investigation using disk images using OSForensics (free version) - demonstration, problem solving.
Moderator: Alexander Sverdlov - trainer and consultant on information security. He developed and successfully conducts a five-day training course “Countering Computer Crime and Fraud” (Computer Crime and Fraud Prevention) on the use of the Moneybookers system (Skrill), created a training for ING Insurance (Bulgaria). While working at HP Global Delivery Center, EOOD participated in security audits, coordinated the preparation of vulnerability detection and elimination reports on Microsoft Windows, Unix, and database servers. CEH, CHFI, MCSE and MCTS certified. Author of several articles on various issues of information security.
Welcome to the world of NFC technology (Near Field Communication). The presenter will focus on high-frequency identification, but low radio frequencies will also be considered, since they are very often used when organizing access control to the premises.
The topics covered are from traditional NFC readers (13.56 MHz), their API and proprietary software, to Proxmark3 hardware, open source software (LibNFC), from common attacks to original RFID ideas.
Part of the master class will be devoted to the NXP MIFARE Classic technology, which is used worldwide for micropayments, physical security of buildings, and public transport. Some cases from the practice will also be considered, the moderator will tell you about the lessons he has learned from reverse engineering and social engineering.
Host: Nahuel Grissia is a twenty-seven-year-old explorer from Argentina. He specializes in web application security and hardware hacking. Discovered vulnerabilities in McAfee Ironmail, VMware and Manage Engine Service Desk Plus, as well as in a number of free software development projects (Achievo, Cacti, OSSIM, Dolibarr, and osTicket).
Conducted master classes at international conferences BugCON (Mexico), H2HC (Brazil), Ekoparty (Argentina), at events OWASP (Argentina) and others. In addition, he is engaged in the design of information systems, has a CEH (Certified Ethical Hacker) certificate and is a certified private pilot.
The master class will cover the basics of building a shell code for x86 processors, the main tasks for building a shell code, and ways to solve them. The focus will be on building minimum shell codes. The facilitator will present examples of shell code optimization and will offer participants to independently optimize a shell code area for the practical consolidation of the material.
Moderator: Anton Dorfman - a researcher, reverser and assembler fan. Since 2001 he has been teaching at Samara State Technical University, he is engaged in scientific and practical research in the field of software protection of information, has published more than 50 scientific articles. Designed and reads unique training courses on reverse engineering. Since 2009, the organizer and the playing coach of student teams of SamGTU, participating in competitions in computer security CTF.
Master class plan:
Moderator: Artem Shishkin - Information Technologies Security Specialist at Positive Technologies. Starting with system programming and obtaining the MCTS: Windows Internals certificate, to this day, he is researching the Windows operating system, its devices and vulnerabilities. Admires the core, pool damage and sync. Does not like Intel SMEP, bypasses it.
The laboratory workshop helps to master the basic techniques of analyzing application security and forensic analysis of mobile platforms based on Google Android. As part of the security analysis work, typical vulnerabilities detected by Positive Technologies experts will be demonstrated, including Google’s recently fixed Google vulnerabilities for Android, as well as zero-day vulnerabilities.
Moderator: Artem Chaykin - Leading Specialist, Web Applications Security Analysis Group at Positive Technologies.
Implementing an SAP ABAP attack
Exploiting SAP NetWeaver 7.0 Vulnerabilities
Operation of transport system vulnerabilities
Moderator: Vyacheslav Mavlyanov is an information security expert at Positive Technologies.
PS Detailed information about upcoming workshops, presentations and speakers can be found on the PHDays website .
PPS You can purchase tickets to the forum at the following link .
How to develop a secure web application and not go crazy?
The master class is dedicated to ensuring the security of web applications throughout the development cycle. During the lesson, practical approaches to identifying and eliminating vulnerabilities in the code developed in accordance with the recommendations of the Microsoft Security Development Lifecycle will be considered. The practical lesson will be interesting for web application developers and researchers who want to gain skills in constructing secure code and analyzing the security of complex projects using the white box method. The master class is based on Microsoft ASP.NET (Web Pages, Web Forms, MVC, Entity Framework, SignalR), however, it contains a minimum of environmental specifics and will be of interest to specialists who work with other web technologies stacks. Different classes of vulnerabilities will be presented on examples of zero-day vulnerabilities in popular products, web engines and web-based training applications.In the course of the practical part, the most interesting attacks will be demonstrated, as well as all the considered techniques and methods of working with the code.
')
Moderator: Vladimir Kochetkov - expert of the Positive Technologies research center. He specializes in analyzing the source code of web applications and researching the security technologies of Microsoft. The developer of tools for automating tasks of analyzing the security of web applications, is a member of the PHDays HackQuest development team. In his spare time, he takes part in a project to develop a programming language Nemerle.
Sqlmap: under the hood
Forum participants will be presented with an in-depth analysis of the capabilities and internal sqlmap mechanisms. In one master class combined consideration of the functional features that have resulted from many years of hard work and thoughtful work with the needs of numerous user communities, and features hidden from view, the existence of which no one even thinks about.Moderator: Miroslav Shtampar is a professional software developer and information security researcher. He is currently working on a doctoral thesis on the topic of security and organization of parallel data processing. He received the certificate of Microsoft Certified Solution Developer for Microsoft .NET in 2007 and since then has been working at AVL (www.avl.com), the world's largest privately owned company developing power transmission systems with internal combustion engines, as well as measuring equipment and systems diagnosing. In an effort to address security-related issues, he was one of the authors of the well-known open-source project sqlmap (www.sqlmap.org), dedicated to the automatic detection and exploitation of vulnerabilities like "Execute SQL-code", and since December 2009 has been constantly involved in its development. .
Cyber ​​investigations: the basics
Hands-On Lab to investigate network incidents:
- network incident investigation with Xplico - demonstration, practice;
- investigation of incidents involving the use of NetworkMiner;
- tasks for participants.
Hands-On Lab to investigate incidents using memory data:
- investigating a running computer using Mandiant's DumpIT and Memorize;
- investigation with the study of the memory of the computer turned off (after completion of work);
- practicum.
Investigation using disk images using OSForensics (free version) - demonstration, problem solving.Moderator: Alexander Sverdlov - trainer and consultant on information security. He developed and successfully conducts a five-day training course “Countering Computer Crime and Fraud” (Computer Crime and Fraud Prevention) on the use of the Moneybookers system (Skrill), created a training for ING Insurance (Bulgaria). While working at HP Global Delivery Center, EOOD participated in security audits, coordinated the preparation of vulnerability detection and elimination reports on Microsoft Windows, Unix, and database servers. CEH, CHFI, MCSE and MCTS certified. Author of several articles on various issues of information security.
RFID Master Class
Welcome to the world of NFC technology (Near Field Communication). The presenter will focus on high-frequency identification, but low radio frequencies will also be considered, since they are very often used when organizing access control to the premises.The topics covered are from traditional NFC readers (13.56 MHz), their API and proprietary software, to Proxmark3 hardware, open source software (LibNFC), from common attacks to original RFID ideas.
Part of the master class will be devoted to the NXP MIFARE Classic technology, which is used worldwide for micropayments, physical security of buildings, and public transport. Some cases from the practice will also be considered, the moderator will tell you about the lessons he has learned from reverse engineering and social engineering.
Host: Nahuel Grissia is a twenty-seven-year-old explorer from Argentina. He specializes in web application security and hardware hacking. Discovered vulnerabilities in McAfee Ironmail, VMware and Manage Engine Service Desk Plus, as well as in a number of free software development projects (Achievo, Cacti, OSSIM, Dolibarr, and osTicket).
Conducted master classes at international conferences BugCON (Mexico), H2HC (Brazil), Ekoparty (Argentina), at events OWASP (Argentina) and others. In addition, he is engaged in the design of information systems, has a CEH (Certified Ethical Hacker) certificate and is a certified private pilot.
Master shellcode
The master class will cover the basics of building a shell code for x86 processors, the main tasks for building a shell code, and ways to solve them. The focus will be on building minimum shell codes. The facilitator will present examples of shell code optimization and will offer participants to independently optimize a shell code area for the practical consolidation of the material.Moderator: Anton Dorfman - a researcher, reverser and assembler fan. Since 2001 he has been teaching at Samara State Technical University, he is engaged in scientific and practical research in the field of software protection of information, has published more than 50 scientific articles. Designed and reads unique training courses on reverse engineering. Since 2009, the organizer and the playing coach of student teams of SamGTU, participating in competitions in computer security CTF.
Windows kernel: a short course for a young fighter
Master class plan:- general physical training (setting up the OS and debugging tools);
- instruction on the use of weapons (skills with WinDBG);
- orientation on the ground (collection of information in the core);
- Know the enemy by sight (OS kernel defense mechanisms);
- combat tactics (features of operation);
- training (an example of exploiting a vulnerability in a kernel component).
Moderator: Artem Shishkin - Information Technologies Security Specialist at Positive Technologies. Starting with system programming and obtaining the MCTS: Windows Internals certificate, to this day, he is researching the Windows operating system, its devices and vulnerabilities. Admires the core, pool damage and sync. Does not like Intel SMEP, bypasses it.
Android application security
The laboratory workshop helps to master the basic techniques of analyzing application security and forensic analysis of mobile platforms based on Google Android. As part of the security analysis work, typical vulnerabilities detected by Positive Technologies experts will be demonstrated, including Google’s recently fixed Google vulnerabilities for Android, as well as zero-day vulnerabilities.Moderator: Artem Chaykin - Leading Specialist, Web Applications Security Analysis Group at Positive Technologies.
SAP Attack Methodology
Implementing an SAP ABAP attack- Identify available SAP services (by IP address range)
- Connect to Oracle without authentication
- Password selection for service users in Oracle
- Search for accounts (method from CEH course)
- Interception of passwords using Wireshark
- Selection of passwords obtained from USR02
- Run programs from OS level
- Analysis of RFC connections (storage of authorization data)
Exploiting SAP NetWeaver 7.0 Vulnerabilities
- Search running Java services
- Retrieving information by analyzing event logs in a SAP Java applet (without authorization) <
- Obtaining and analyzing event logs by an authorized user with minimal privileges (Java)
- Substitution HTTP requests to SAP Java services
- Accessing the OS by exploiting service vulnerabilities
- Java Secure Storage Analysis
Operation of transport system vulnerabilities
- Features of the SAP landscape and transport subsystem
- Creating an account with administrative privileges using a transport request spoof
Moderator: Vyacheslav Mavlyanov is an information security expert at Positive Technologies.
PS Detailed information about upcoming workshops, presentations and speakers can be found on the PHDays website .
PPS You can purchase tickets to the forum at the following link .
Source: https://habr.com/ru/post/177815/
All Articles