Program is loading
The latest agenda news for ZeroNights 2015 is up! Two main program talks, one workshop, and two awesome Defensive Track talks – voila!
- Main slot features a talk by Nikita Tarakanov (Mexico), an independent information security researcher: Direct X – direct way to Microsoft Windows kernel. The author’s research focuses on how to find vulnerabilities in low level, common ring 3 to ring 0 interactions as defined by WDDM and exposed through GDI user mode library. The presentation will include fuzzing statistics, methodologies, and vulnerabilities found on Intel, NVIDIA and ATI drivers.
- Alexander Ermolov (Russia) will present a talk Modifying the firmwares of industrial switches. This talk reviews the attacks on the major element of the data bus: industrial switches. Alexander will show how to replace firmware on a switch by using various vulnerabilities and misconfigurations.
- Meet Ivan Yolkin and Igor Bulatenko (Russia) with a workshop Enlarge your Burp, or How to stop fearing Javadocs. This workshop will explain the main principles of developing Burp Suite plugins and teach which techniques are worth using in certain cases and why. The theoretical part will be enhanced by practical training. The researchers will show development in two languages: Python and Java, and pay attention to the major differences and benefits of each language with respect to Burp Suite. After the workshop, you will not fear Javadoc API descriptions anymore.
- Kirill “isox” Ermakov (Russia) invites the audience for a game on the Defensive Track. In his talk Let’s play the game: One more way to perform a penetration test, he wants to show you Qiwi’s vision of a penetration test and to tell you the story of a two-month security survival game.
- Also on the Defensive Track, Andrey Kovalev, Konstantin Otrashkevich, and Evgeny Sidorov (Russia) will deliver a talk Fighting against a Flash 0-day: a hunt for a tainted vector. Yandex has its own behavioral detection technology developed for such exploits, and the experts will share the key principles it is based on. They will also give some directions that will help to build behavioral detection systems for complex Flash exploits.
Remember, only a week is left until the CFP closes! Hurry up!
Hack while the iron is hot
The Hardware Village project, which has become our good tradition, will return to ZeroNights this year to amaze the visitors with various low-level hacks and tricks. If “hardware” means more than bolts and rivets for you, be sure to drop by. There will be lots of equipment and electronics.
The best part of the two days will be occupied with workshops, talks by old-school and new-school hackers, Q&A sessions, and speed-hacking contests.
We will keep our past errors in mind to try and improve the structure of the project in regards to both content and schedule.
The first day will be devoted to wired networks and standard data interfaces: Ethernet, 1-Wire, UART, JTAG, SPI, etc. We will show the equipment recommended for this kind of analysis, including oscilloscopes, logic analyzers, and multimeters. We promise to teach you how to work with them. Dmitry Nedospasov will develop the topic of FPGAs and their hacking uses.
The second day will be dedicated exclusively to wireless networks. We will try to cover most of the unlicensed frequencies (including 350 MHz, 433 MHz, 868 MHz, 915 MHz, 2.4 GHz, 5 GHz) and popular protocols: RFID, NFC, Wi-Fi, and Bluetooth. And our small SDR workshop may be useful for those who are interested in the subject but do not know how to begin.
Speaking about target audience, remember that Hardware Village is a project made by hardware enthusiasts and for enthusiasts of every experience level. If you’d like to take part in organizing Hardware Village, we will be happy to welcome you into the team.
Any questions or comments? E-mail us at firstname.lastname@example.org!
We hope that the result of our efforts will impress both the beginners and the experts this year.
CFP FastTrack ZeroNights
Apart from applying for a main program talk in our CFP, don’t forget about the much-beloved FastTrack format: laconic, fast, and guaranteed to fill the hall no matter its size. FastTrack is a great venue to talk about your mini research or present your tool. The diversity of FastTrack fields and directions is always amazing, which attracts a lot of visitors. And, of course, it is an excellent chance to participate in the event as a speaker ;)
So hurry up with your CFP applications: we will be accepting them for roughly two more weeks.
Spend a night in space
Discount alert! Dear guests coming to visit ZeroNights from other Russian cities or other countries, this is for you. Hotel Cosmos offers special accommodation prices during the conference. Just use this promo code when you book a room: ZERO :)
Official site of the hotel: http://www.hotelcosmos.ru/eng/
A praise for hackers
This year’s ZeroNights is not simply another episode of our favorite event. We are delightedly looking forward to a very special gathering, an important milestone. The anniversary is an excellent opportunity to thank every visitor, every speaker and comrade. ZeroNights is an event that we create together.
This is why we invited none other than BSDaemon a.k.a. Rodrigo Rubira Branco to deliver a keynote talk on a topic which hits close to home. In the talk called A Praise for Hackers, he will speak aloud about the things we are usually hesitant to discuss: motivation, talent, choice, and responsibility. Given different objectives and targets, hackers will focus their abilities in separate areas. Whether in a technical career inside a big corporation or as an individual collecting bounties (two apparent extremes that share lots of common factors), a researcher needs to make conscious decisions. In the end, the objective is to demonstrate that challenges exist, opportunities as well, and that it is possible to take different ways in life while keeping the same fundamentally technical priorities: build knowledge and have fun.
The very slogan of ZeroNights – Hack Now, Save the Future – refers to choosing one’s way and accepting the responsibility. Our future is for ourselves to determine.
Rodrigo Rubira Branco is the Founder of the Dissect || PE Malware Analysis Project and a Principal Security Researcher at Intel Corporation. He has been working in infosec for many years and has a special interest in open-source software. Rodrigo is the organizer of Hackers to Hackers Conference (H2HC), the oldest and biggest security research conference in Latin America, and he has spoken at H2HC, Black Hat, Hack in The Box, XCon, VNSecurity, OLS, Defcon, Hackito, Ekoparty, Troopers and other famous events. He is a member of the RISE Security Group and an active contributor to open-source projects (such as ebizzy, the Linux kernel, and others). He was previously engaged in security research at Qualys, Check Point, Adobe, COSEINC, Scanit, and IBM.
Resolving big problems
Well friends, how about a little more of our beloved hardcore? Meet other star speakers of ZeroNights and their magnificent talks and workshops.
- Jakub Kaluzny (Poland) delivers his talk Big Problems with Big Data – Hadoop Interfaces Security. The speaker would like to discuss what kind of new challenges the "cloud computing" and "big data" buzzwords have brought for security testers. Despite the complexity of Hadoop installations and the number of interfaces, standard techniques can be applied to test for web application vulnerabilities, SSL security, and encryption at rest. Jakub will share his experience of testing popular Hadoop environments and finding a few critical vulnerabilities, which for sure cast a shadow on big data security.
- Alfonso De Gregorio’s (Italy) talk is named illusoryTLS: Nobody But Us Impersonate, Tamper, and Exploit. The audience will learn how an elliptic-curve asymmetric backdoor can be embedded into an RSA modulus using Elligator. Alfonso claims that the entire security of TLS may turn out to be fictional if a single CA certificate with a secretly embedded backdoor enters the certificate store of relying parties. He will shed some light on how some entities might have practically explored cryptographic backdoors for intelligence purposes regardless of the policy framework.
Pay attention to two excellent workshops as well:
- Ole André Vadla Ravnås (Norway), Cross-Platform Reversing with Frida. The workshop is dedicated to Frida, a scriptable dynamic binary instrumentation toolkit aiming to dramatically shorten the development cycle of dynamic analysis and reverse-engineering tools. It's a tool of the trade for dynamic instrumentation of binaries on all current platforms (Windows, Mac, Linux, iOS, Android, and QNX).
This workshop is for attendees who would like to get up to speed on the state-of-the-art in dynamic instrumentation on both desktop and mobile. The speaker will start out with an intro to Frida's APIs and CLI tools, and then walk the audience through how to build a reversing tool from scratch.
- Speakers: Alexander Bolshev and Boris Ryutin (Russia): Practical Exploitation of AVR MC-Based Devices. Lots of modern devices are based on AVR microcontrollers, from amateur Arduino projects to IoT, automobile subsystems, and industrial controllers. This workshop is an attempt to sum up the bulk of AVR firmware buffer overflow exploitation experience.
The Internet has plenty of relevant info, but there is still no practical, top-to-bottom guide on the topic.
The trainers will explain the specifics of reverse-engineering AVR-based firmwares, talk about the features of Harvard architecture, and discuss existing AVR exploitation tools. They will talk about ROP chain building methods and how radare2 can facilitate the task. And they will also describe the techniques of post-exploitation and persisting in the firmware.
Don’t miss our next announcements! New speakers with their mind-blowing findings are coming very soon. Also, the early-bird registration fee will last for a few more days, until September 1! Register and pay here: http://2015.zeronights.org/register.html
InfoTeCS is a new partner of ZeroNights
Friends, we are glad to introduce our new partner! It is the InfoTeCS company, a vendor for software and hardware VPN solutions and cryptographic data protection facilities. On top of developing and promoting data security facilities, the company supports and maintains them. It is also engaged in research and consulting activities.
We are happy to welcome new outstanding names among our partners. Thank you for trusting us!
Mail.Ru Group partners with ZeroNights
Friends, we have more great news for you. Mail.Ru Group is now an official partner of the forthcoming ZeroNights event. This is the first time that the corporation has made the decision to support us. Here’s solid proof that the event is growing more popular and we are moving in the right direction. Thanks everyone!
Mail.Ru Group is a Russian Internet company. It was started in 1998 as an e-mail service and went on to become a major corporate figure in the Russian-speaking segment of the Internet. Mail.ru controls the 3 largest Russian social networking sites. It operates the second and third most popular Russian social networking sites, Odnoklassniki and Moy Mir, respectively. Mail.ru holds 100% of shares of Russia's most popular social network VKontakte. It also operates two instant messaging networks (Mail.Ru Agent and ICQ), an e-mail service and Internet portal Mail.ru, as well as a number of online games.
The company has offices in 18 cities around the world, with headquarters in Moscow.
Hack like a movie star
Friends, this Monday is the day of excellent news because we are ready to announce the first talks of ZeroNights 2015. Prepare for several mind-blasting additions to our main program at once! :)
- Jeremy Brown (USA) will present a talk called Hacking Virtual Appliances. The speaker will provide real case studies for various vulnerabilities created by mistakes that many of the major players made when shipping their appliances. The audience will learn how to find these bugs and how the vendors went about fixing them, if at all. By the end of this talk, the researcher promises a firm grasp of how one goes about getting remotes on these appliances.
- Matteo Beccaro and Matteo Collura (Italy) will speak about Extracting the Painful (Blue)tooth and explain briefly how the Bluetooth (BDR/EDR/LE) protocols work, focusing on security aspects. They will then show some known vulnerabilities and finally consider deeply undisclosed ones. “What if I tell you I can unlock your Smartphone? What if I tell you I'm able to open the new shiny SmartLock you are using to secure your house's door?” – the researchers inquire ominously.
- George Nosenko (Russia) will deliver a presentation called Cisco IOS Shellcode – All-in-One. Well, the title speaks for itself :) Cisco network equipment is based on a wide variety of OS (firmware) architectures, types, and versions, so it is much harder to develop a universal shellcode. George will present a research initiated by Digital Security Research Group to create a shellcode which is as easily portable between different IOS firmwares as possible and which provides a lot of pentesting features because it can dynamically change the shellcode destination at the stage of post-exploitation. He will also consider the possibility of creating a worm which could spread across the infrastructure, from firewall to router, from router to switch, etc.
- Marina Krotofil (Germany) will present a talk called Hack Like a Movie Star: Step-by-Step Guide to Crafting SCADA Payloads for Physical Attacks with Catastrophic Consequences. She will give the attendees a crash course on what to do once one hacks into SCADA. Using the example of forcing a traffic light kit into horribly catastrophic states, the attendees will gain practical knowledge of SCADA hacking. The talk will take the audience through all the stages of a cyber-physical attack, covering the tasks to be completed at each stage and the non-trivial detours an attacker may have to take to practically achieve her goal.
- Nikolaj Schlej (Germany) will teach you to Fix it Yourself: Resolving UEFI Vulnerabilities Single-Handedly. A vulnerability has been found in your firmware but the vendor isn’t in any hurry to fix it? A patch was released yesterday, but it adds two new bugs instead of resolving the old one? You’ve had enough. Time to take firmware security into your own hands! This is a talk about finding and resolving known vulnerabilities in UEFI-compatible firmwares.
Stay tuned and expect more and more news about our jubilee event with each passing day!
Jubilee ZeroNights is supported by Yandex
Friends, the fifth ZeroNights conference will be supported by Yandex, our long-time partner and close friend. Many of you know about our friendship with the famous brand. Yandex has supported ZeroNights for five years in a row, which shows the Internet company’s interest in information security better than any words. But only a chosen few know that Yandex is planning to hold several activities for our guests. Detailed news is coming. Stay tuned :)
Yandex is a Russian Internet company which operates the largest search engine in Russia with about 60% market share in that country. It also develops a number of Internet-based services and products. Yandex ranked as the 4th largest search engine worldwide, based on information from Comscore.com, with more than 150 million searches per day and more than 50.5 million visitors (all company's services) daily. Yandex also has a very large presence in Ukraine and Kazakhstan, providing nearly a third of all search results in those markets and 43% of all search results in Belarus.
QIWI is a partner of the jubilee ZeroNights event
The news many of you have been waiting for: the QIWI company will be a ZeroNights partner. As you may remember, the leading payment service of Russia and the CIS supported our event last year as well to deliver ingenious contests and activities. QIWI is planning to surprise everyone this year again. Stay tuned ;)
QIWI is a leading provider of next generation payment services in Russia and the CIS. It has an integrated proprietary network that enables payment services across physical, online and mobile channels. It has deployed over 15.8 million virtual wallets, over 171,000 kiosks and terminals, and enabled merchants to accept over RUB 50 billion in cash and electronic payments monthly from over 70 million consumers using its network at least once a month. QIWI’s consumers can use cash, stored value and other electronic payment methods to order and pay for goods and services across physical or online environments interchangeably.
Registration is open!
Friends, we have opened the ticket sale for ZeroNights – our international conference dedicated to the practical aspects of infosecurity. The event will be held on 25 and 26 November in Cosmos Hall, Moscow. ZeroNights welcomes technical experts, administrators, information security workers and managers, pentesters, software developers, and anyone interested in practical security.
The annual event is organized by Digital Security and Defcon Group with the support of Yandex. Yes, this year is our fifth anniversary, so get ready for something special. Famous infosecurity researchers will present their findings and tell you everything about unusual attack methods and under-investigated threats. The Defensive track is your opportunity to learn more about practical defense and immerse yourself in case-based experience of protecting resources and applications.
Workshops by highest-class professionals will, as always, cater to the most sophisticated students. Our guests will learn new techniques of creating exploits with deadly payload, various tricks of bypassing OS or browser security controls, and tips on finding vulnerabilities where all bugs seem to have already been found.
Contests. The jubilee event will have as many of them as ever. Tasks of various complexity set forth by the most advanced experts are a good opportunity to test yourself. Valuable prizes await the participants of our exciting competitions.
The schedule is filling up and the CFP will last until October 1, so stay tuned! Register here to get your early-bird discount until September 1: http://2015.zeronights.org/register.html