
The big story about BlackHat USA'2014

Just the other day (August 2-7), the most famous security conference in the world, BlackHat USA'2014, took place, and we took part in all of its sections: giving a training, presenting a talk, and sponsoring with a booth in the business hall. Lots of interesting personal impressions, and the conference in detail, under the cut!

So, about BlackHat. BlackHat is one of the oldest and best-known security conferences in the world. It is held throughout the year in different parts of the world, but the "main" one is in the USA, in Las Vegas. The coolest talks are most often heard here for the first time, since many speakers hold back their results until the last moment, waiting to present at BH. In general, this is where we went :)

Venue: the Mandalay Bay Hotel (with a very non-trivial floor plan; it is pretty easy to get lost)

Part One - Training

As I said, BH consists of three parts. The first is the trainings (August 2-5, 4 days). The idea is this: companies and independent authors submit applications describing a training on a topic related to information security (reversing, web, network, social engineering, hardware hacking, etc.). The organizers review the applications and publish the accepted trainings on the site. After that they are responsible for recruiting students, accepting payment (average price ~ 2-4 thousand dollars) and handling other organizational matters (a room for the training itself, standard equipment, meals, etc.). We also submitted an application, on the topic ENTERPRISE BUSINESS APPLICATION SECURITY: ATTACK AND DEFENSE, and passed the selection, becoming the first company from the Russian Federation to conduct a training at BlackHat! Almost all the places were sold out.

At the training with AlexandrPolyakov

It is worth noting that for me this was the third training on this topic: the first was in Denmark together with chipik (for various corporate customers), the second at Hack In Paris in France under a scheme similar to BlackHat's, and the third, in fact, at BlackHat. Over this time I realized that the level of students varies widely and it is almost impossible to prepare material for a single level: some people rewrite the exploit before you have even explained it, while others are stuck, not knowing how to copy from cmd to cmd and asking what Python is. Therefore, it is important to be able to teach everyone so that everyone is satisfied and gets what they expect from the training:]

BlackHat stood out in that there were more knowledgeable people, who could carry out the practical tasks clearly and quickly and appreciate all the fun of some of the attack vectors.
After two days of training, teaching people how to break SAP and exploit vulnerabilities and misconfigurations in Oracle, as well as in other business applications from Oracle and Microsoft, there were two days off (some other trainings ran longer or started later). During this time people went their own ways, some to LA, some to the Grand Canyon or somewhere closer, so as to be back in time for the start of the second and third parts of the conference.

A little about prices. An average lunch is more expensive than usual, $12-14. A bus ticket for two, Las Vegas - LA - Las Vegas, is $90; flying is a bit more expensive if you buy tickets in advance (I had always wanted to take a bus between cities; the wish came true, and I do not want to do it again). Hotels are very cheap: something very simple in the center of Vegas with Wi-Fi and breakfast is 30 bucks, and a good hotel (for example, the one where the conference takes place) is from 100 or more per day (the price of the most ordinary hotel in Moscow). Getting around is almost always by taxi only; it comes to about 10 for a trip inside the city (along the Strip, the main street). There is a lot of paid and free entertainment (for example, the fire show, the Bellagio fountains, etc.). And everywhere there is a 15% tip plus taxes :)

Parts Two and Three - vendor exhibition and talks

I am combining these parts, since they run in parallel (August 6-7).
About the exhibition.

Photo from the BlackHat site. Showroom

If a company wants to sponsor BlackHat, then naturally it gets something in return (here is a PDF with prices and perks). We were there with this booth:

Here is almost all of our team that took part in BlackHat, except dark_k3y, who gave the talk on process control systems

In short, it is a huge hall with a whole bunch of vendors. At each booth they hand out some goodies (sometimes quite expensive ones: in some randomized instant lotteries, prizes of $100+ can come your way) and try to tell you something about their product. But first, everyone at a booth scans your NFC badge, which holds your e-mail, name and other data ... And on the Monday after the conference you will find a lot of spam :) Also, there were absolutely no hacker competitions, such as shooting ducks. Although, sometimes there were local CTFs (right at the exhibition).

With chipik, we try to win at table football and pick up the prize.

More about the hacker contests: I took part in a couple of them. One was from HP (15 minutes, you need to find typical web bugs, 10 tasks, easy) and one from Symantec, which was more difficult and had a main prize of 5k USD (no one took it). I managed to take a few flags in an honest way and accidentally popped a backup server through MS08-067 (very strange that there was such an old unpatched machine), where almost all the flags were stored:] In general, they missed various things, which the most persistent solvers picked up on (a write-up would make no sense).

The talks are the epic part of the conference. I think many have heard about the talk on how to de-anonymize any Tor user for $3000 and about its subsequent cancellation; all of that happens at BlackHat, like many other passions and intrigues. It is also a great time to personally meet many well-known researchers.

From our company there was a talk by dark_k3y on how to hack an ERP system through the current loop (the title alone is worth something, right?). By the way, I think it is appropriate to insert a paragraph from him here, since we are discussing the talks:

Of the talks I managed to attend, a few of the most interesting stand out. First is Jeong Wook Oh's talk "REVERSE ENGINEERING FLASH MEMORY FOR FUN AND BENEFIT", which showed techniques for recovering and reverse engineering firmware from NAND memory. The speaker started from the very basics, that is, from how to properly remove the NAND chip from the device board, and went all the way to disassembling the firmware in IDA, while demonstrating the utilities he developed for correctly extracting firmware from chips of different manufacturers. I also really liked the report. security issues that may arise when using it. And of course, Charlie Miller was traditionally very good with his latest research on car security, "A SURVEY OF REMOTE AUTOMOTIVE ATTACK SURFACES".

Bonus part: parties

There is also the traditional way to end the day: parties thrown by various companies (usually on the days of the talks). It works like this: you go to www.blackhat.com/us-14/party-and-networking.html, and also just talk to people and look around in the business hall, and choose parties at a convenient time (usually 2-3 parties per evening, for example from 7 to 9 pm and onwards). Then you register (sometimes it is just a personal note at the booth in the business hall) and at the appointed time you go to hang out :) Free strong drinks, cocktails, music, etc., all for those who came to the party. At the same time, I did not come across any advertising or PR at any of the parties. It was as if everyone had simply gathered in one place to relax.

Evening party from Microsoft at the Hakkasan club

Bottom line (IMHO)

BlackHat is very cool and expensive (entry to DefCon, for comparison, costs $220; here it is $2k+). But there are disappointments. I walked around the booths of different companies, and many of them sell such a huge number of ... absolutely unimpressive products. And many have a problem with preparation in general. I understand that the booths are staffed mostly by sales managers, but they should at least know which OS their product can run on. Or you simply come across a completely typical product for yet another network analysis and map building. Some answer fairly honestly: “Do you know the product XXX? So, we are the same, only cheaper” (while the booth of product XXX stands right opposite). Perhaps techies simply should not go into the business hall; it is the business hall, after all :) But there are the cool parts, the trainings and the talks, and they are at an excellent level.

Both Vegas in general and BlackHat specifically are cool. It is definitely worth going, not only for fun but also for the experience, personal acquaintances and knowledge.

Source: https://habr.com/ru/post/233891/
