Chaos Communication Congress: Disneyland for a hacker, SCADA security and more

Chaos Communication Congress is one of the largest events in Europe, attended by thousands of hackers every year. This time in Hamburg gathered more than 9000 people. Among them were Positive Technologies experts, who presented their research in the field of ICS safety, conducted a master class on SCADA systems penetration tests, and talked about the preparation of Labyrinth , one of the most spectacular PHDays III forum competitions .

We already know

First of all, Sergey Gordeychik and Gleb Gritsay presented a study of the safety of industrial systems. The speech was held at CCC for the second time: last year, experts paid more attention to the level of safety of industrial control systems in the world. Many new vulnerabilities were discovered in systems developed by Siemens. Some of the most interesting security errors in accordance with the responsible disclosure policy could not be made public.

This year it was about industrial protocols and their shortcomings. During the speech, the most “juicy” vulnerabilities that remained behind the scenes last year were noted. In addition, the speakers talked about new security bugs and attacks that can be built on their basis.

Performance video:

SCADA Pentes and DBMS Vulnerabilities

In continuation of the topic, Alexander Timorin held a master class on SCADA security and the study of protocols that are used in process control systems.



Alexey Osipov from Positive Technologies web application security analysis group made a report “Firebird / Interbase database engine hacks” on database management system vulnerabilities.

Presentation Slides:

Disneyland for hacker

On the third day of the conference, Yuri Goltsev and Alexander Zaitsev spoke about the creation of the “Labyrinth” - a fascinating competition, a real hacker attraction, which was appreciated by the guests of Positive Hack Days III. In one hour, the contestants had to overcome a whole range of obstacles: to cross the laser field, pass tracking sensors, win the duel with artificial intelligence, open secret doors, clear the room of bugs and defuse the bomb. The video report is available on YouTube .


A participant in PHDays III passes the Labyrinth laser field.

In addition, the conference hosted the release of new tools for assessing the safety of SCADA systems:

• Utility Internet Connected ICS / SCADA / PLC : in combination with ICS / SCADA / PLC Cheat Sheet allows you to conduct security research SCADA;
• Hydra vs Siemens S7-300 , specially released for CCC Hydra version 7.6 with a module and library for bruteforce passwords Siemens S7-300 PLC.

Attention! These utilities are intended only for the safety analysis of industrial systems.

Now more about the event itself.

How it was

CCC is known for addressing the technological, political, and social dimensions of information technology.



The jubilee thirtieth conference, dubbed 30C3 for this occasion, was no exception: participants could see how tamagotchi were hacked , learn how to track satellites flying around the Earth, and also listen to the speech of WikiLeaks creator Julian Assange, which he held using a video conferencing system from the Embassy of Ecuador in London, where he is still forced to hide from the authorities.



The speakers paid much attention to the problems caused by the publications of Edward Snowden. Report “To Protect and Infect. Part II ”of one of the TOR project leaders Jacob Appelbaum, who represented the WikiLeaks project at the HOPE conference in 2010, caused a stir in the press and discussions in the professional community. It is not surprising - after all, even months after the secret data was released by Snowden, many are interested in how the NSA connected to a huge number of devices around the world.



Everyone who is interested in information security issues, we recommend that you read the reports:

• Triggering Deep Vulnerabilities Using Symbolic Execution [ video ]
• Electronic Bank Robberies [ video ]
• Bug Class Genocide [ video ]
• Fast Internet-wide Scanning and its Security Applications [ video ]
• Hillbilly Tracking of Low Earth Orbit [ video ]
• My Journey into FM-RDS [ video ]
• Hardware Attacks, Advanced ARM Exploitation, and Android Hacking [ video ]
• Revisiting “Trusting Trust” for Binary Toolchains [ video ]
• Android DDI [ video ]
• Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [ video ]
• Thwarting the Evil Maid Attacks [ video ]
• Script Your Car [ video ]
• The Exploration and Exploitation of an SD Memory Card [ video ]

An overview of other interesting presentations (in English) can be found at Tech the Future .

Photos from the conference can be viewed at: http://rolfomat.smugmug.com/Events/30c3 .

PS Meanwhile, not much time is left until Positive Hack Days IV. Registration for participation in the PHDays CTF qualifying competition is in full swing. Already registered more than 140 teams, join and you!