PHDays 2017: how it was
The mClouds.ru team visited Positive Hack Days (PHDays VII), the international forum on practical security, which was held on May 23-24, 2017 in Moscow. The forum brought together a wide circle of information security experts, guided by one principle: a minimum of advertising and a maximum of useful knowledge.
The program of the event consists of the following sections:
Technical report - presentation of work from the “sharks” of information security.
Section / Business report - a section with the participation of business representatives.
Hands-on Labs - practical workshops from professionals in their field.
Fast Track / Young School - a section for young scientists, a presentation of their own research, aimed at expanding the boundaries of knowledge in the field of information security.
This year, stands were presented not only by companies that develop information security solutions, but also by integrator companies that implement and develop their solutions to provide comprehensive information security protection.
Let's note the stands we liked. Let's start with Positive Technologies, which introduced a beta version of the PT BlackBox Scanner, a free vulnerability scanner, for identifying vulnerabilities in web applications.
To check your application with a scanner, you will need to confirm ownership of the site, and the cloud scanner will search for weaknesses. It is possible to scan using an agent without confirming ownership of the site.
You can test your web resource on the scanner website - bbs.ptsecurity.com.
We are expecting the appearance of the QRadar SIEM Community Edition for use in small businesses with EPS restrictions and the ability to upgrade the number of processed events.
Microsoft for the stand with Windows and Xbox.
Rostelecom, thanks for the delicious coffee and freshly squeezed juice!
Infotecs provided an opportunity to take a test and try out ViPNet Alcotronic!
Axoft for the hackers in da box ride. Beyond Security - for the registration form with the name, email and password on a 40"+ touchscreen monitor with an on-screen keyboard.
Separately, it is worth mentioning the contests for forum participants.
The big jackpot - an ATM and self-service kiosks are objects located along our daily routes to work, to school and to our friends. Cassettes filled with neatly cut paper often become victims of both smart and not-so-smart crooks. Visitors can try themselves as researchers of RB systems and open a bag of gold in the Hardware Village; two self-service kiosks and one ATM are used as test subjects.
Remote Maintenance Kiosk # 1
Remote Maintenance Kiosk # 2
2600 - And I spin the steering wheel and press on the gas ... your task is to make a call from a Soviet-style payphone to a specific number without spending the token, and to get the token back.
Nalivayka - traditional closing of the competitive program on PHDays for participants who have reached alcoholic maturity. Selected participants will have to “test the strength” of a Web application protected by WAF (Web Application Firewall) and demonstrate the ability to think soberly in any situation.
When the “protection system” is triggered, participants are invited to drink 50 ml of a strong and very strong drink every 5 minutes, and then continue the fight until the main game flag is captured. If the main flag could not be taken, the winner is determined by the number of flags collected in the “playing time”.
CAMBreaker - the Internet of Things is arriving with a wide and confident step, and hacking devices of this class can bring a lot of valuable information to an attacker. To participate, it is recommended to bring along a gentleman's set of tools that will help to find a web vulnerability or reverse the firmware.
IoT by Google
Automotive Village: CarPWN - Forum participants can test the security of a Tesla Model S. Finding the right wires and units, properly connecting to the vehicle's on-board network and carrying out a MiTM attack: you can try all this during the two days of the forum at an open stand with access to the Tesla!
WAF bypass is a traditional PHDays contest where you need to bypass the PT Application Firewall (PT AF). The winner is determined by the number of points earned, which are awarded for obtaining flags. This year, the focus is on bypassing the new PT AF component for database protection.
MITM Mobile - Interception of SMS, telephone calls and USSD, deployment of and work with false base stations: all this can be seen at the stand, where you can also try to master the techniques for hacking your own operator. The GSM standard can be hacked not only by special services with expensive equipment, but also by a technically savvy participant with a piece of hardware for $25.
HackBattle - solving complex and unexpected tasks in real time on the main stage, where you need to demonstrate the skills to work under high load, with speed and resourcefulness in solving the problems presented. To participate in the competition, contestants had to pass the first stage, the screening test. The winner receives a Hak5 Field Kit and stormy applause from the public!
We recommend you to familiarize yourself
Without departing from the main principle of the forum, we will publish a list of reports that have been marked by our agents as “for review” (to view the presentation of the report, you need to click on the article title):
You, not you. The army of smart bots in the hands of a hacker - the CEO of Lavina Pulse, Andrey Masalovich, described real-life examples ranging from captcha recognition and scanning for SQL injection to influencing the course of elections.
“The confrontation on the Web today is not a war between bots and people, but rather a war between armies of smart bots.”
Hackers want your bank more than your customers - analysis of interesting cases of attacks on ATMs, payment gateways and processing systems from Dmitry Volkov. Demonstration of the errors and tactics of attackers when attacking a local network, identifying activity and preventing the financial institution's infrastructure from breaking down.
DDoS attacks in 2016–2017: a coup — a modification in the organization and conduct of DDoS attacks, their changes and causes, premises and consequences, as well as the relationship with the development of IoT.
A hacker is trapped, or a practical demonstration of blocking exploits and crypto-lockers - a master class with a demonstration of malicious code and protection tools in active mode (antivirus, URL filtering, antispyware, IPS, Threat Intelligence, DNS Sinkholing, sandboxes based on Next Generation Firewall, etc.).
Video reports are published on the YouTube channel and on the official website of the event; for now, we can only wait for the videos from PHDays VII. You can watch last year's video reports on the official website of PHDays VI.