The first PHDays III master classes: cyber investigations, attacks on SAP and the Windows kernel
The Positive Hack Days III forum offers not only interesting talks, contests and CTF competitions, but also numerous master classes. The Hands-On Labs at PHDays run under the motto “less words, more work.” Under the guidance of information security gurus from all over the world, attendees immerse themselves deeply in a topic and solve practical information security problems with their own hands. To take part in the classes, you only need basic training, a craving for new knowledge and a laptop.
How to develop a secure web application without losing your mind?
This master class is dedicated to securing web applications throughout the entire development cycle. It covers practical approaches to identifying and eliminating vulnerabilities in code, developed in accordance with the recommendations of the Microsoft Security Development Lifecycle. The hands-on session will interest web application developers and researchers who want to gain skills in designing secure code and analyzing the security of complex projects using the white-box method. The master class is based on Microsoft ASP.NET (Web Pages, Web Forms, MVC, Entity Framework, SignalR), but it contains a minimum of environment specifics and will also interest specialists who work with other web technology stacks. Different classes of vulnerabilities will be presented using examples of zero-day vulnerabilities in popular products,
The practical part will demonstrate the most interesting attacks, along with all of the techniques and methods of working with code covered in the class.
Presenter: Vladimir Kochetkov is an expert at the research center of Positive Technologies. He specializes in analyzing the source code of web applications and research in the field of technology security at Microsoft. He develops automation tools for web application security analysis and is part of the PHDays HackQuest development team. In his free time he takes part in the development of the Nemerle programming language.
Sqlmap: under the hood
Forum participants will be presented with an in-depth analysis of the capabilities and internal mechanisms of sqlmap. A single master class covers both the functional features that grew out of many years of hard work and careful attention to the requests of a large user community, and the hidden features whose existence hardly anyone suspects.
Presenter: Miroslav Stampar is a professional software developer and researcher in the field of information security. He is currently working on a doctoral dissertation on security and the organization of parallel data processing. He received the Microsoft Certified Solution Developer certificate for Microsoft .NET in 2007 and has since been working at AVL (www.avl.com), the world's largest privately owned company engaged in the development of power transmission systems with internal combustion engines, as well as measuring equipment and diagnostic systems. In an effort to address security-related issues, he became one of the authors of the well-known open-source project sqlmap (www.sqlmap.org), dedicated to the automatic detection and exploitation of SQL injection vulnerabilities, and has been constantly involved in its development since December 2009.
Cyber Investigations: The Basics
Hands-on lab on network incident investigation:
- investigation of network incidents with Xplico - demonstration, practice;
- incident investigation with NetworkMiner;
- assignments for participants.
Hands-on lab on investigating incidents using memory data:
- investigation on a running computer using Mandiant's DumpIt and Memoryze;
- investigation of the memory of a powered-off computer (after shutdown);
- workshop.
Disk image investigation with OSForensics (free version) - demonstration, problem solving.
Presenter: Alexander Sverdlov is an information security trainer and consultant. He developed and successfully conducts a five-day training course, “Computer Crime and Fraud Prevention”, devoted to the use of Moneybookers (Skrill), and created a training course for ING Insurance (Bulgaria). While working at HP Global Delivery Center EOOD, he participated in security audits and coordinated the preparation of reports on the detection and elimination of vulnerabilities in Microsoft Windows, Unix and database servers. He holds CEH, CHFI, MCSE and MCTS certifications and is the author of a number of articles on various information security issues.
RFID Workshop
Welcome to the world of NFC (Near Field Communication) technology. The presenter will focus on high-frequency identification, but low frequencies will also be covered, since they are very often used for access control to premises.
The topics covered range from traditional NFC readers (13.56 MHz), their APIs and proprietary software to Proxmark3 hardware and open-source software (LibNFC), and from common attacks to original ideas for using radio frequency identification.
Part of the workshop will be devoted to NXP MIFARE Classic technology, which is used worldwide for micropayments, physical security of buildings, and public transport. Several case studies will also be considered, and the presenter will share lessons learned from his experience with reverse engineering and social engineering.
Presenter: Nahuel Grisolía is a twenty-seven-year-old researcher from Argentina. He specializes in web application security and hardware hacking. He discovered vulnerabilities in McAfee IronMail, VMware, and ManageEngine ServiceDesk Plus, as well as in a number of free software projects (Achievo, Cacti, OSSIM, Dolibarr, and osTicket).
He has held master classes at the international conferences BugCON (Mexico), H2HC (Brazil) and Ekoparty (Argentina), at OWASP (Argentina) and elsewhere. In addition, he designs information systems, holds the CEH (Certified Ethical Hacker) certificate and is a certified private pilot.
Mastering shellcode
The master class will cover the basics of building shellcode for x86 family processors, the main problems in building shellcode and how to solve them. The main focus will be on building shellcode of minimum size. The presenter will show examples of shellcode optimization and invite participants to optimize a section of shellcode themselves to reinforce the material in practice.
Presenter: Anton Dorfman is a researcher, reverse engineer, and assembler fan. He has taught at Samara State Technical University since 2001, is engaged in scientific and practical research in the field of information security software, and has published more than 50 scientific articles. He has developed and taught unique reverse engineering training courses. Since 2009 he has been the organizer and playing coach of the SamSTU student teams that take part in CTF computer security competitions.
Windows kernel: a crash course for the young fighter
Master class plan:
- general physical preparation (setting up the OS and debugging tools);
- instruction on the use of weapons (skills for working with WinDBG);
- orientation on the ground (collecting information in the kernel);
- know the enemy by sight (OS kernel defense mechanisms);
- battle tactics (exploitation features);
- training (an example of exploiting a vulnerability in a kernel component).
Presenter: Artyom Shishkin is an information security specialist at Positive Technologies. Having started with system programming and earned the MCTS: Windows Internals certificate, he continues to research Windows, its internals and vulnerabilities. He admires the kernel, pool corruption and synchronization. He does not like Intel SMEP and bypasses it.
Android Application Security
This hands-on workshop teaches the basic techniques of application security analysis and forensic analysis of mobile platforms based on Google Android. As part of the security analysis, typical vulnerabilities discovered by Positive Technologies experts will be demonstrated, including vulnerabilities in Chrome for Android recently fixed by Google, as well as zero-day vulnerabilities.
Presenter: Artyom Chaykin - Leading Specialist of the Web Application Security Analysis Group at Positive Technologies.
SAP attack methodology
Implementing an attack on SAP ABAP
- Determining Available SAP Services (IP Range)
- Connect to Oracle without authentication
- Password Matching for Office Users in Oracle
- Search for accounts (method from CEH course)
- Intercepting passwords using Wireshark
- Matching passwords derived from USR02
- Running programs from the OS level
- RFC connection analysis (storage of authorization data)
Exploiting Vulnerabilities in SAP NetWeaver 7.0
- Search for running Java services
- Retrieving information by analyzing event logs in the SAP Java applet (without authorization)
- Receiving and analyzing event logs by an authorized user with minimal privileges (Java)
- Spoofing HTTP requests for Java services
- Gaining access to the OS by exploiting vulnerabilities in services
- Java Secure Storage Analysis
Exploitation of transport system vulnerabilities
- Features of the SAP landscape and the transport subsystem
- Creating an account with administrative privileges using a fake transport request
Presenter: Vyacheslav Mavlyanov is an information security expert at Positive Technologies.
P.S. Detailed information about upcoming workshops, talks and speakers can be found on the PHDays website.
P.P.S. You can purchase tickets for the forum at the following link.