On June 29, 2017, St. Petersburg will host the anniversary, fifth NeoQUEST "confrontation"! We are happy to invite everyone who is interested in information security: students and applicants in IT fields, developers, testers, administrators, experienced specialists and newcomers to information security, hackers and geeks!
Admission to NeoQUEST-2017 is traditionally free, but requires registration on the event website!
The anniversary "confrontation" has surprises in store, and guests will enjoy a rich, diverse program with a lot that is new and interesting! So, NeoQUEST-2017 will feature:
- Fascinating practical reports on the most relevant topics in the world of cybersecurity. Even the traditional part is not without surprises: for the first time in the history of "Face-to-face", guests will hear an interesting report from the depths of cryptography, about elliptic curves and isogeny-based cryptosystems. In addition, we will talk about security at the “hardware” level (SMM, motherboards, embedded devices) and at the “high” level (WSN networks, pentesting, and much more)!
- FOR THE FIRST TIME: Workshop Section! We boldly declare: without practice, it is impossible to become a really cool information security specialist. That is why, in parallel with the reports, workshops will be held where active guests can learn something new.
- FOR THE FIRST TIME: FastTrack reports: quick, clear and with a spark, we will talk about the latest news in the field of information security!
- Contests on “hacking” and more, the quiz “Examination of information security” and cosmically cool prizes. We remind you that this year NeoQUEST has a space theme, and this will undoubtedly affect the contests and prizes!
In addition, the report contest will run for another week: do you want to tell the hacker community of St. Petersburg about your own cybersecurity work? Leave a request on the site, and our team will certainly contact you!
Intrigued? Read on below the cut: let's talk in detail about the reports and workshops!
For those hearing about NeoQUEST for the first time
NeoQUEST is a cybersecurity event that has been held by NeoBIT together with the Department of Information Security of Computer Systems at St. Petersburg Polytechnic University since 2012. NeoQUEST includes 2 stages:
1) Hackquest - the qualifying online stage of the competition, which is an individual CTF;
2) "Face-to-face" - a one-day event for all comers, during which, among other things, the final stage of the hackquest also takes place.
Online hackquest stage
As part of the online hackquest stage, we develop many tasks from different areas of information security and come up with a fascinating legend. Within 10-11 days, registered participants complete these tasks, receiving points for them in accordance with a dynamic grading scale: points are awarded taking into account who solved the task before everyone else.
The tasks vary in complexity and cover a great many areas of information security: cryptography, network security, security of the Web and of the iOS and Android mobile operating systems, virtualization, vulnerability discovery and exploitation, steganography and much more. After the end of the online stage, we sum up the results, award valuable prizes to the top three, and send the best souvenirs to several of the best participants. Then we send a certain number of participants an invitation to St. Petersburg for the hackquest final as part of the “confrontation”.
"Confrontation"
"Face-to-face" is a one-day event held in St. Petersburg, including:
- reports on the most relevant topics of cyber security;
- real-time attack demonstrations;
- contests for "hacking";
- the Twitter quiz “Examination of information security”, testing ingenuity and basic knowledge in the field of information security;
- the final hackquest stage for the best participants of the online stage.
Anyone can visit the “confrontation” - admission is free! This year's "confrontation" will be held at the Congress Center "PetroCongress" (by the way, just 5 minutes from the metro!). The reports begin at 11:00 am.
And now - about the reports!
The list is still being finalized; at the moment, the following reports await guests:
- Vadim Shmatov: "Blockchain on copyright protection." Everyone loves torrents: they are fast, easily accessible and completely free. Unfortunately, torrents create a lot of information security issues: copyright infringement, the spread of malicious software, and so on. The report will look at how blockchain technology can be used to create an alternative network to torrents. In such a network, files are downloaded quickly and easily, authors receive royalties, and active users are rewarded. Such a network would allow both large companies and individual authors to distribute their works without intermediaries, and ordinary users to get quick and inexpensive access to original music, films and games. This could reduce the scale of piracy and the damage it does to both copyright holders and ordinary users.
- Anastasia Yarmak, Anna Shtyrkina: “Winter is coming: post-quantum cryptography and the decline of RSA - a real threat or an imaginary future?”. In 2015, NIST and NSA announced the need to move to new cryptographic algorithms that are resistant to quantum computers. Is the world ready for a cryptographic apocalypse, and does this mean that the decline of classical asymmetric cryptosystems is approaching? The report will look at the role of elliptic curves in modern cryptography, the problem of computing isogenies of elliptic curves as a candidate for building post-quantum cryptosystems, and real examples of using the Microsoft SIDH library to create your own applications.
- Alexey Nikolsky: "I follow you SMMotry." Modern x86 computers are oversaturated with features and functions, which explains their popularity, including among hackers, who take pleasure in using every available capability to attack users' computers and profit from it. At the previous NeoQUEST, we already talked about the Intel VTx, TXT, TPM and ME (AMT) technologies. This year, it is time to talk about System Management Mode - a special processor mode that has long been used by both computer developers and hackers. In the report we will look at how the most privileged mode on the processor (more privileged even than the hypervisor) is protected, and see in practice how attackers can take advantage of it.
- Andrei Dakhnovich: “What bad can happen when you type google.com in the address bar of your browser and press Enter?”. Two years ago, an article titled “What happens when you type google.com into the browser” was published on github.com. During the first two months, as many as 2 translations of this article into Russian were posted on Habrahabr (here and here). It describes in detail everything that happens on your computer during such a request, starting with pressing the "g" key and ending with rendering the page in the browser. In the report we will try to summarize what can happen to your computer, from the point of view of information security, when such a request is sent.
- Tigran Hovasapyan: “Can networks feel dangerous?”. Today, wireless self-organizing sensor network technology has a fairly wide field of application. Low-cost wireless sensors can be used for both military and civilian purposes (health care, monitoring of environmental parameters, climate control systems, etc.). However, the characteristics of these networks give attackers a wide range of opportunities to launch attacks against them. We will talk about the principles of operation, the features and the most promising areas of application of this technology. Current threats, the ways they are carried out and existing methods of protection against them will be considered.
- Roman Shcherbakov: “HARD HACK. How AliExpress helps in researching equipment.” One of the important aspects of research in the field of information security is studying the hardware of devices and working with it. The report will consider some types of such tasks with specific examples, look at the types of equipment that make it possible to solve them, and give a comparative analysis of that equipment. We will talk about the existing models of logic analyzers and their main advantages, and analyze in detail the examples given and how logic analyzers can be used to solve them.
- Sergey Sychev: “We disassemble the firmware of embedded devices on bolts and screws”. Recently, embedded devices have become widespread and, as a result, are of real interest for analysis. In the report we will consider the general approaches to the analysis of embedded software and the existing integrity control mechanisms, and also recall real cases of additional functionality being embedded in equipment. As an example, a popular IP camera from Hikvision will be considered.
- Alexey Myasnikov: “RasPi ping computer security”. Modern computers are getting smaller, while confidently catching up with desktop solutions in power. Nowadays, a full-fledged computer can fit on a single board a little larger than a credit card. Some use these computers to create smart homes, others use them for work, but in this report we will consider the possible ways of using the “raspberry” to automate attacks on the bigger siblings of our single-board computer (PCs, laptops, etc.).
- Victor Vagisarov: “To bind the invisible: assistant pentester.” A competent pentester is fluent in dozens of utilities that help in security analysis: nmap, burp suite, sqlmap, etc. But their sheer number and tons of heterogeneous output often make it hard to put together the overall picture of a large test object. How nice it would be to have a system that launches scanners automatically on a single command, analyzes and normalizes their output, intelligently builds dictionaries for password brute force, establishes and visualizes (!) connections between detected components, suggests attack vectors for them, searches for exploits for detected vulnerabilities, and also advises (!) the pentester what steps to take next to get the maximum result. And we have made such a system! That system is what our report is about.
- Alexey Finagin: “HDMagIc - we turn HDMI into an information security tool.” Transfer any file to a nearby computer at ultra-high speed via ... HDMI? Why not? The report will present a non-standard approach to applying a multimedia data transfer technology. We will talk about how to create a prototype hardware and software system for one-way data transmission via HDMI, and examine the main difficulties and limitations encountered in implementing the prototype. In conclusion, we will show how such solutions can be used in information security systems.
Workshop section: get your crazy hands ready!
1. Bad USB: make USB devices.

The term "mimicry", familiar to us from biology lessons at school, also applies to computer devices. USB has become the most popular computer port, to which we connect completely different devices, from a mouse and a flash drive to a phone and a camera. But can you be sure that a device is exactly what it seems?
Is it possible to determine the functionality of a device by its appearance? It turns out that it is not: a keyboard with built-in data storage, a WiFi adapter that looks like a USB flash drive - this is all a bit strange, but still quite harmless ... But when hackers get down to business, you can expect anything!
At our workshop, 10 lucky people will be able to learn how to make USB devices with “non-standard” functionality with their own hands and see in practice that such things as Bad USB are found not only in the pages of magazines and articles on the Internet.
2. Decrypt the traffic.

Everyone knows that SSL/TLS traffic can be decrypted in Wireshark using the private key. But not everyone knows that this is not the only way to decrypt: Wireshark also supports decryption using session secrets. This means that any encrypted SSL/TLS traffic can be decrypted by being on the client side!
In the workshop we will demonstrate in which cases this may be applicable, and decrypt the traffic of even complex obfuscated applications, if they are running on a local machine.
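Session secrets reach Wireshark as a text file in NSS Key Log Format, one secret per line keyed by the client random of the session. The sketch below is an added example, not material from the workshop: it parses such a file and reports which sessions have enough secrets logged, using hypothetical function names, constructed sample values, and the assumption (made for this example) that a TLS 1.3 session needs both handshake and both application traffic secrets.

```python
import re
from collections import defaultdict

# Constructed sample in NSS Key Log Format; every value is made up.
SAMPLE = "\n".join([
    "# constructed sample, not real secrets",
    "CLIENT_RANDOM " + "11" * 32 + " " + "aa" * 48,             # TLS 1.2
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "bb" * 32,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "cc" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "dd" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "ee" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "33" * 32 + " " + "ff" * 32,   # lone TLS 1.3 secret
    "CLIENT_RANDOM 1234 abcd",                                  # malformed
])

# Assumption of this example: a TLS 1.3 session is "complete" only when all
# four of these labels were logged for its client random.
TLS13_REQUIRED = {"CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
                  "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
TLS13_OPTIONAL = {"CLIENT_EARLY_TRAFFIC_SECRET", "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET"}
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ([0-9a-fA-F]+)$")

def parse_keylog(text):
    """Return ({client_random: {label: secret_bytes}}, [rejected line numbers])."""
    sessions, rejected = defaultdict(dict), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.match(line)
        label, rnd, secret = m.groups() if m else (None, None, "")
        tls12 = label == "CLIENT_RANDOM" and len(secret) == 96   # 48-byte master secret
        tls13 = (label in TLS13_REQUIRED | TLS13_OPTIONAL) and len(secret) in (64, 96)
        if not (tls12 or tls13):      # the legacy "RSA" label is out of scope here
            rejected.append(lineno)
            continue
        sessions[rnd.lower()][label] = bytes.fromhex(secret)
    return dict(sessions), rejected

def classify(labels):
    if "CLIENT_RANDOM" in labels:
        return "tls1.2-master-secret"
    return "tls1.3-complete" if TLS13_REQUIRED <= labels.keys() else "tls1.3-incomplete"

def summarize(text):
    sessions, rejected = parse_keylog(text)
    return {rnd: classify(labels) for rnd, labels in sessions.items()}, rejected
```

Anyone who can read such a file can decrypt a capture of the sessions it covers, so it deserves the same handling as a private key.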
The list of workshops, like the list of reports, is still being finalized!
… And much, much more!
In addition to reports and workshops, we will delight guests with the FastTrack section of reports, demonstrations of attacks, excellent contests on hacking and more, cool prizes and a great atmosphere! Do not forget about the now traditional contest "Examination of information security", held on Twitter.
While guests learn new things in a relaxed atmosphere, the best participants of the hackquest will have to complete difficult tasks by the sweat of their brow. 8 hours of continuous work will reveal the winner, who will receive the main prize - a trip to one of the international conferences, as well as the silver and bronze winners, who will receive cool gifts.
The anniversary "confrontation" will be simply cosmic, so register on the NeoQUEST website, bring friends and colleagues (don't forget laptops or devices that replace them!) and come (drive, fly or sail in, if you are not from St. Petersburg) on June 29 to NeoQUEST-2017!