$RU$

 #RU#

 @RU@

0x7DC

0x7DD

0x7DE

0x7DF

25-26.11.15


Workshops


Cross-platform reversing with Frida

Speaker: Ole André Vadla Ravnås

Frida is a scriptable dynamic binary instrumentation toolkit aiming to dramatically shorten the development cycle of dynamic analysis and reverse-engineering tools. It also comes with some CLI tools built on top of its APIs. Written in portable C, released under a commercially friendly OSS license, with language bindings for Python, Node.js, and more, it is a tool of the trade for dynamic instrumentation of binaries on all current platforms (Windows, Mac, Linux, iOS, Android, and QNX).
This workshop is for attendees who would like to get up to speed on the state-of-the-art in dynamic instrumentation on both desktop and mobile. We will start out with an intro to Frida's APIs and CLI tools, and then walk you through how to build a reversing tool from scratch.

Requirements for the workshop participants:


Practical exploitation of AVR MC-based devices

Speakers: Alexander Bolshev, Boris Ryutin

Lots of modern devices are based on AVR microcontrollers, from amateur Arduino projects to IoT, automobile subsystems, and industrial controllers. This workshop is an attempt to sum up the bulk of AVR firmware buffer overflow exploitation experience.
The Internet has plenty of relevant info, but there is still no practical, top-to-bottom guide on the topic.
We will explain the specifics of reverse-engineering AVR-based firmware, talk about the features of the Harvard architecture, and discuss existing AVR exploitation tools. We will talk about ROP chain building methods and how radare2 can facilitate the task. We will also describe the techniques of post-exploitation and persisting in the firmware.

Workshop plan:

Part 1. AVR 101

Part 2. Pre-exploitation

Part 3. Exploitation

Part 4. Post-exploitation

The hands-on exercise will utilize an Atmel Studio emulator and Arduino chips.

Requirements for the workshop participants


Enlarge your Burp, or How to stop fearing Javadocs

Speakers: Ivan Yolkin, Igor Bulatenko

A lot of people use vulnerability scanners without understanding how they work, and, consequently, they often get suboptimal results. And if the scanner throws a false positive or, on the contrary, fails to find vulnerabilities which can easily be discovered manually, most penetration testers just deal with it or use several scanners. Burp Suite allows writing custom plugins, so you can correct a lot of its flaws on your own. This workshop will explain the main principles of developing plugins and teach which techniques are worth using in certain cases and why.
The theoretical part will be enhanced by practical training. We will show development in two languages: Python and Java, and we will pay attention to the major differences and benefits of each language with respect to Burp Suite. After the workshop, you will not fear Javadoc API descriptions anymore.

Requirements for the workshop participants


Practical object-oriented code reverse engineering

Speakers: Alexander Matrosov, Eugene Rodionov

In this workshop the authors will address the problem of reverse engineering complex threats developed using object-oriented programming. Analysis of such malware requires different approaches from those used for reversing malware developed in procedural programming languages.
The workshop starts with an introduction to object-oriented code reverse engineering: the authors will explain the peculiarities of object-oriented code layout and approaches to its analysis. Then they will demonstrate the use of various tools and techniques for analyzing object-oriented code, based on examples of malware used in recent high-profile targeted attacks: Animal Farm, Sednit, Equation, Duqu 2. The workshop also covers topics such as distributed C++ malware analysis in a clustered environment using a high-level intermediate representation. The authors will consider examples written in C++ and compiled with MS Visual C++.

Topics

Participants will receive

Requirements for the workshop participants


On the way to (wrong) anonymity. Basic techniques of digital contraception and private data hygiene.

Speaker: ValdikSS

Currently there are all sorts of tools that enable anonymity and confidentiality on the net, but that does not mean that everybody understands exactly how they work well enough to protect themselves entirely. It’s not enough to just install software; you should also block all possible sources of information leakage.

In this workshop we’ll cover the aspects of maintaining anonymity on the Internet, the importance of data privacy, and (non-)obvious up-to-date ways of identifying users, both technical and social, and we’ll consider why the ‘I’ve-got-nothing-to-hide’ approach can harm others.

The purpose of this workshop is to show and block channels of data leakage across the entire OSI model.

We’ll tell you about:

We’ll teach you:

Requirements for participants:


Stay tuned for updates!