
PHDays 2017: how it was



The mClouds.ru team visited the Positive Hack Days (PHDays VII) international forum on practical security, which took place on May 23-24, 2017 in Moscow. The forum brought together a wide circle of information security specialists, guided by the principle of minimum advertising and maximum useful knowledge.

The event program consists of the following sections:

Technical report - presentation of works from the “sharks” of information security.
Section / Business Report - a section with the participation of business representatives.
Hands-on Labs - practical workshops from professionals.
Fast Track / Young School - a section for young scientists, a presentation of their own research, aimed at expanding the boundaries of knowledge in the field of information security.

Stands


This year the stands featured not only companies that develop information security solutions, but also integrator companies that implement and extend those solutions to provide comprehensive protection.

Here are the stands we liked. Let's start with Positive Technologies, which introduced the beta version of its free vulnerability scanner, PT BlackBox Scanner, for identifying vulnerabilities in web applications.

To check your application with a scanner, you will need to confirm your ownership of the site, and the cloud scanner will search for weak points. It is possible to scan using the agent without confirming the ownership of the site.

You can test your web resource on the scanner site: bbs.ptsecurity.com.

We expect the appearance of QRadar SIEM Community Edition for use in small businesses with EPS restrictions and with the ability to upgrade the number of processed events.

In brief



Microsoft for the booth with Windows and Xbox.


Rostelecom, thanks for the delicious coffee and fresh juice!


Infotecs provided an opportunity to take a test and test ViPNet Alcotronic! @roman_rrrrr

Axoft for the “hackers in da box” attraction. Beyond Security for the registration form that required entering a name, e-mail and password on a 40"+ touchscreen monitor with an on-screen keyboard.

Competitive areas


We should also mention contests for forum participants.

Big jackpot - ATMs and self-service kiosks are objects we pass on the way to work, to school and to our friends. The cassettes, packed with neatly cut paper, often fall victim to crooks both smart and not so smart. Visitors can try themselves in the role of a remote banking (DBO) systems researcher and open a bag of gold in the Hardware Village; two self-service kiosks and one ATM serve as test subjects.


bystroff


Remote service kiosk #1


Remote service kiosk #2

2600 - “And I twist the steering wheel and press on the gas...” Your task is to make a call from a Soviet-style payphone to a specific number without spending the token, and get the token back.


@dmitryzakharenko

Pouring - the traditional closing of the competition program on PHDays for participants who have reached alcohol maturity. The selected participants will have to test the strength of a web application under the protection of WAF (Web Application Firewall) and demonstrate the ability to think soberly in any situation.

When the “protection system” is triggered, the participants are invited to drink 50 ml of a strong and very hot drink every 5 minutes and then continue the fight until the main game flag is captured. If the main flag is not captured, the winner is determined by the number of flags collected during “game time”.

CAMBreaker - the Internet of Things is advancing with wide and confident strides, and hacking into devices of this class can give an attacker a lot of valuable information. To participate, it is recommended to bring along a gentleman's kit that will help find a web vulnerability or reverse the firmware.




IoT by Google

Automotive Village: CarPWN - forum participants can test the security of the Tesla Model S. Finding the right wires and units, properly connecting to the vehicle's on-board network and conducting a MiTM attack: all of this can be tried during the two days of the forum at the open Tesla stand!



WAF bypass is a traditional PHDays contest where you need to bypass the PT Application Firewall (PT AF). The winner is determined by the number of points earned, which are awarded for capturing flags. This year the focus is on bypassing a new PT AF component that protects databases.



MITM Mobile - interception of SMS, telephone conversations and USSD, and deployment of and work with false base stations: all of this can be seen at the stand, where you can try to master the techniques for hacking your own operator. The GSM standard can be cracked not only by special services with expensive equipment, but also by a technically savvy participant with a $25 piece of hardware.

HackBattle - solving complex and unexpected tasks in real time on the main stage, where you need to work under high load and show speed and ingenuity in solving the tasks provided. To participate in the competition, it was necessary to pass the first stage, the qualifying test. The winner receives the Hak5 Field Kit and a loud ovation from the public!

Recommended reports


Without departing from the main principle of the forum, we publish a list of reports that our agents marked as “recommended” (to see a report's presentation, click on its title):

You, not you. The army of smart bots in the hands of a hacker - Andrey Masalovich, General Director of Avalanche Pulse, gave real-life examples ranging from captcha recognition and SQL injection scanning to influencing the course of elections.

“Confrontation on the Web today is not a war between bots and humans, but rather a war between armies of smart bots”

Hackers want your bank more than your customers - an analysis by Dmitry Volkov of interesting cases of attacks on ATMs, payment gateways and processing. It demonstrates the mistakes and tactics of intruders attacking a local network, and covers detecting their activity and preventing a financial institution's infrastructure from being disabled.

DDoS attacks in 2016–2017: coup - changes in how DDoS attacks are organized and conducted, their causes, prerequisites and consequences, and their relationship with the development of IoT.

Hacker in a trap, or Practical demonstration of blocking exploits and a cryptolocker - a master class demonstrating malicious code and protection tools in active mode (antivirus, URL filtering, antispyware, IPS, Threat Intelligence, DNS Sinkholing, sandboxes based on Next Generation Firewall, etc.).

Video recordings of reports are published on the YouTube channel and on the official website of the event; it remains only to wait for the videos from PHDays VII. You can view last year's video reports on the official PHDays VI website.

Source: https://habr.com/ru/post/330468/

