Social and Cognitive Psychology Applied to Fuzzing the Human Being
Cunning and stratagems have always been applied to battle plans,
social advancement and commercial ends. Sun Tzu, Machiavelli and many
others popularized their use, but 20th-century advances in social
psychology, coupled with innovations designed to convince consumers
that buying is in their interest, have made it possible to understand
the mechanisms and dynamics of persuasion. Human behaviour is
ultimately fairly predictable when certain stimuli are applied, which
allows those who master the principles to win the game.
Because any programmer can use a good crypto library to write crypto
software it is often easier to crack a system by finding programming
errors through reverse engineering rather than to cryptanalyse the
algorithms used. We show this with three compelling examples:
- The MXI-stealth FIPS 140-3 level 2 certified key, where a poorly
implemented "enterprise" feature allowed unsalted hashes to be extracted
prior to authentication, before it got patched.
- A version of the E-capsule Private Safe software, where the
manipulation of two bytes allows any of the admin, public, private or
even panic passwords to be used to access all data.
- The DataBecker PrivateSafe software, where a checksum ruins all the
efforts of the Blowfish key setup algorithm.
All browsers MITM keylogging on remote
- p3lo (France)
Identification & Exploitation of Business Logic Flaws in Web Applications
- Georgiadis Filippos (Greece)
The talk will include an introduction to business logic and some theory on the identification and exploitation of business logic flaws for malicious purposes. Real-life examples and scenarios (collected from my experience as a penetration tester) will be presented. It will include a theoretical approach to automating the identification of business logic flaws and a presentation of BLe (a custom automated tool capable of detecting business logic flaws in web applications). Finally, guidelines for safeguarding applications against business logic flaws will be presented.
w3af
Open Source tools like Nikto, Wapiti, Pantera and others try to find
vulnerabilities in web applications but lack many features and
configuration options. Commercial products have the features, but also
have high product costs and are almost impossible to customize.
w3af (Web Application Attack and Audit Framework) is an open source
project that aims to automate the detection and exploitation of all web
application vulnerabilities. The project's main objective is to become
an open platform where anyone can contribute with new techniques and
code to identify and exploit vulnerabilities. w3af's core and
plugins are fully written in Python and right now the project has more
than 130 plugins and 60K lines of code!
My talk will introduce this tool to new users, while showing its
features and the new GUI which was created during the last OWASP SoC.
During the talk, I'll perform a couple of demos of the main features
and explain how the advanced exploitation features work.
- Andres Riancho (Argentina)
Andrés Riancho is an information security researcher and founder of
Bonsai, where he is mainly involved in Penetration Testing and
Vulnerability Research. In the research field, he discovered critical
vulnerabilities in IPS appliances from 3com and ISS; and contributed
with SAP research performed at his former employer.
His main focus has always been the Web Application Security field, in
which he developed w3af, a Web Application Attack and Audit Framework
used extensively by penetration testers and security consultants.
Andrés has spoken and held trainings at many security conferences
around the globe, like OWASP (Poland), CONFidence (Poland), OWASP
World C0n (USA), CanSecWest (Canada), T2 (Finland) and ekoparty
(Buenos Aires).
Andrés founded Bonsai in 2009 in order to further research into
automated Web Application Vulnerability detection and exploitation.
Wireless Sensor Networking as an Asset and a Liability
- Travis Goodspeed (USA)
HostileWRT - Abusing Embedded Hardware Platforms for Covert Operations
- HostileWRT Team (France)
HostileWRT: Turn Your Friendly Wireless Access Point into an Autonomous, Curious, Standalone, Malicious & Really Annoying Device
Have you ever imagined what a recalcitrant access point would look like? Well… neither do we. So we're going to show you what REAL love is all about. HostileWRT tends to make love to your antennas thanks to the 802.11 protocol suite. Then, sharing the love is more than natural. No wonder then that HostileWRT, despite its very blackhat touch, is the most desirable item in one's sado-(techno)-masochist outfit.
Mystifying Fingerprinting (OS Fingerprinting Defeating)
UC Security (Unified Communications Security)
Many enterprises are moving toward adopting Microsoft Office Communications Server
as the centerpiece of their Unified Communications infrastructure.
Microsoft’s solution helps to streamline communications between people and
organizations, bringing together e-mail, calendaring, voice mail, IM and presence, VoIP,
audio, video, and Web conferencing.
However, IT managers deploying OCS must carefully evaluate their security architecture
and ensure that they have adopted the proper configuration and policies to mitigate
security risks common to unified communications.
This presentation will introduce the audience to a free, open source security tool, OCS
Assessment Tool v2.0 (OAT). This tool helps IT managers and security practitioners
evaluate the security architecture of their OCS deployments and ensure their
mission-critical communications and systems are protected.
This session will instruct the audience in how to test their environments and ensure that
their OCS deployment is properly configured to address:
• Online Dictionary Attack
• Presence Stealing
• Contact List Stealing
• Single/Multi user Flood Mode
• Call Walk
• Call DoS
• Audio Spam
General topic of the speech: Voice over IP Security
- Abhijeet Hatekar (Sipera Systems) (India)
Abhijeet Hatekar is working as a Vulnerability Research Engineer in the Sipera VIPER (Voice over IP Exploit Research) Lab.
Abhijeet is a graduate of the University of Pune, India and the author of the VideoJak v1.0
(http://videojak.sf.net) and OAT v1.0 (http://voat.sf.net) VoIP assessment tools. His past stints include Symantec India Corporation Pune.
From Wikipedia
Unified communications (UC) is the integration of non real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax) with real-time communication services such as instant messaging (chat), presence information, IP telephony, video conferencing, call control and speech control. UC is not a single product, but a set of products that provides a consistent unified user interface and user experience across multiple devices and media types.[1]
UC also refers to a trend to offer Business process integration, i.e. to simplify and integrate all forms of communications in view to optimize business processes and reduce the response time, manage flows and eliminate device and media dependencies.
UC allows an individual to send a message on one medium and receive on another. It should be possible to easily transfer any activity or message to another medium. For example, one can receive a voice mail message and choose to access it through email or a cell phone. If the sender is online according to the presence information and currently accepts calls, the response can be sent immediately through text chat or video call. Otherwise, it may be sent as a non real-time message that can be accessed through a variety of media.
SS7
- Philippe Langlois (France)
Founder of P1 Security and Senior Security Researcher for Telecom Security Task Force.
Philippe Langlois has proven expertise in network security. He founded and led technical teams in several security companies (Qualys, WaveSecurity, INTRINsec) as well as security research teams (Solsoft, TSTF). He founded Qualys and led the world-leading vulnerability assessment service. He founded a pioneering network security company Intrinsec in 1995 in France, as well as Worldnet, France's first public Internet service provider, in 1993. Philippe was also lead designer for Payline, one of the first e-commerce payment gateways. He has written and translated security books, including some of the earliest references in the field of computer security, and has been giving speeches on network security since 1995 (RSA, COMDEX, Interop, HITB Dubai, Hack.lu).
Source: Wikipedia
Signaling System Number 7 (SS7) is a set of telephony signaling protocols which are used to set up most of the world's public switched telephone network telephone calls. The main purpose is to set up and tear down telephone calls. Other uses include number translation, prepaid billing mechanisms, short message service (SMS), and a variety of other mass market services.
It is usually abbreviated as Signaling System No. 7, Signaling System #7, or just SS7. In North America it is often referred to as CCSS7, an acronym for "Common Channel Signaling System 7". In some European countries, specifically the United Kingdom, it is sometimes called C7 (CCITT number 7) and is also known as number 7 and CCIS7. (ITU-T was formerly known as CCITT.)
There is only one international SS7 protocol defined by ITU-T in its Q.700-series recommendations.[1] There are, however, many national variants of the SS7 protocols. Most national variants are based on two widely deployed national variants as standardized by ANSI and ETSI, which are in turn based on the international protocol defined by ITU-T. Each national variant has its own unique characteristics. Some national variants with rather striking characteristics are the China (PRC) and Japan (TTC) national variants.
The Internet Engineering Task Force (IETF) has also defined level 2, 3, and 4 protocols that are compatible with SS7 MTP2 (M2UA and M2PA) MTP3 (M3UA) and SCCP (SUA), but use an SCTP transport mechanism. This suite of protocols is called SIGTRAN.
Memory forensic and incident response for live virtual machine (VM)
Recently, memory analysis has become a popular mechanism to perform
incident response and forensics. However, the traditional approach to
memory forensics has some major drawbacks that cannot be solved in
current systems. The first shortcoming is the memory inconsistency
problem: memory cannot be consistently acquired because the system is
still functioning in the process. Another issue is that existing rootkits
can easily tamper with the acquisition and analysis steps. Last but not
least, loading forensic tools into memory will inevitably erase
evidence in memory.
This research presents "Outspect", a new tool set to perform memory
forensic and incident response for live virtual machine (VM). By
running Outspect outside of the inspected VM, we can solve the
above-mentioned problems of traditional memory forensic. While
Outspect and its architecture are designed to support all kinds of guest
OSes and hypervisors, in this presentation we focus on Windows guests
running on the Xen hypervisor.
The talk dedicates some time to discussing the advantages and challenges
of our approach. The mechanism to inspect and extract important system
objects from raw memory will also be examined. We will go into detail
on our architecture, and prove that it is useful for many things other
than just live memory forensic.
The presentation includes some live demos to demonstrate the
effectiveness of Outspect. We will use Outspect to inspect and detect
some popular kernel rootkits and userspace malware on Windows VM. The
demo will also show that it is trivial to detect exploitation using
a sophisticated attack technique like Metasploit with the Meterpreter payload
(which cannot be detected by any anti-virus at the moment).
Nguyen Anh Quynh is a researcher at The National Institute of Advanced
Industrial Science and Technology (AIST), Japan. His interests include
Operating System, Virtualization, Trusted Computing, Intrusion
Detection, Digital Forensic. He has published various academic papers, and
presented his research results at many hacking conferences around
the world. Quynh obtained his PhD degree in Computer Science from Keio
University, Japan. He is also a member of Vnsecurity, a pioneer
security research group in Vietnam.
Internet Marketing vs. Web Security: Guide to Extreme Black Hat Online Profits!
Along with the rapid growth of online business models, the use of web vulnerabilities to increase financial gain is spreading like wildfire. It is important for every online business player to understand the importance of these attacks to protect their businesses from suffering losses.
This isn’t just another presentation about cross-site scripting or cross-site request forgery attacks. Instead, we will discuss the potential impact when the two are combined with clickjacking and other possible vulnerabilities to form new techniques for attacking online businesses. Black hat marketers are starting to use these kinds of techniques, creating new Black Hat SEO techniques to gain extreme profits for themselves.
Taking advantage of the infamous clickjacking and several other vulnerabilities, the next level of Black Hat SEO will no longer involve robots or invalid clicks, but will instead transform user clicks into clicks that convert.
This talk examines the possibilities of a black hat approach to online money making. The resulting techniques, which deeply interact with web vulnerabilities, create additional chances for malicious users to gain extreme profits from unethical techniques. Experiments with commonly used web browsers and web applications to create simulated hijacked online business models show that Black Hat SEO techniques can be maximized through the use of web application/browser vulnerabilities.
Anselmus Ricky has worked in web application security for over 4 years and has found several vulnerabilities at some huge companies such as Yahoo, Telkom Indonesia, Friendster, etc. He has presented at numerous local security conventions, authored some best-selling books and holds international security certifications such as CEH and CHFI. He is in every way passionate about the field of Information Security.
New Algorithms for Attack Planning
We will present the advances of our research in automating multi-step
attacks against computer networks. The problem of automating network
attacks (in particular, penetration tests) has gained importance, since
the work of the pentester requires a high level of expertise and is
time- and resource-consuming. Moreover, automated attacks would make it
possible to conduct a regular and systematic risk assessment of the target network.
More precisely, the problem that we consider is: given a set of goals
(e.g. to obtain sensitive data such as credit card information from any
machine in a given network), and an initial incomplete knowledge of the
network, determine the best course of actions for an attacker in order
to obtain the goals. The resulting plan of action is given as input to
pentesting tools that include information gathering modules, exploits
and agents that can be used as pivoting stones to launch other modules
from the target machine. To clearly state (and subsequently solve) this
planning problem, a model of real world attacks is needed. We will
present a family of attack models, which can be instantiated by defining
the Actions, Assets and Agents.
Previous works on this topic are based on the construction and analysis
of Attack Graphs, whose utility has been well established and which are a
current subject of research. In general, the attack graphs proposed in
the literature are constructed from a network defender point of view,
who already knows everything about the target network. A good review of
attack graphs proposals can be found in the survey of Lippmann and
Ingols (MIT Lincoln Lab Report, 2005). In particular they show that most
proposals lack scalability, and that the scenarios considered by the
authors comprise less than 10 hosts and 20 vulnerabilities.
More importantly, previous models do not take into account numerical or
probabilistic effects of the actions. To improve the realism of the
model, we add several dimensions: the probability of success, the
expected running time of each action, the noise produced by the actions
(in terms of network traffic or registered events on IDS logs), and the
traceability of the attack (dependent on the number of intermediate hops
and topological factors). These values are conditional: they depend on
the environment conditions.
Planning in the probabilistic setting is far more difficult than in the
deterministic one, and it is the specific problem that we tackle in the
second part of the presentation. We present fast algorithms designed for
probabilistic planning of multi-step attacks, in order to minimize an
attack parameter (e.g. the expected execution time). Our solution is
suited for an interesting (and significant) part of the scenarios that
need to be solved in a real world attack. The computational complexity
of our solution is O(n log n), where n is the total number of actions in
the graph. This means that planning can be solved in scenarios with, for
example, 512 hosts distributed in different networks, and 840 exploits
in the attacker's toolbox.
The proposed algorithms are presented gradually, starting with scenarios
with one target and multiple exploits, and moving on to scenarios made
of arbitrary attack trees. Proofs that the algorithms provide an optimal
attack plan are sketched in each case. We conclude with some ideas for
future work in this area.
General topic of the speech: attack planning, attack graphs, automated penetration test.
Carlos Sarraute studied Mathematics at the University of Buenos
Aires and is currently a PhD candidate in Computer Engineering at ITBA
(Instituto Tecnologico de Buenos Aires). He has worked since 2000 at
CoreLabs, the research lab of Core Security. His areas of research are
security vulnerabilities, attack planning and modeling, security events
visualization, cryptanalysis, protocol design flaws (geometric attack to
MySQL authentication, SSH timing analysis) and the use of Artificial
Intelligence techniques for information gathering. He has given talks
and courses about information security and cryptography in several
universities in Argentina, and has spoken at the security conferences
PacSec, EUSecWest, SSTIC, HITB (Kuala Lumpur).
Some publications and presentations:
"Simulating Cyber-Attacks for Fun and Profit", with Fernando Miranda et
al. In SIMUTools'09 (International Conference on Simulation Tools and
Techniques), Rome, Italy, March 2-6, 2009.
"Binary cryptography and differential cryptanalysis".
In Jornadas de Criptografía y Códigos Autocorrectores, Universidad
Nacional de Mar del Plata, November 20-24, 2006.
"Outrepasser les limites des techniques classiques de Prise d'Empreintes
grace aux Réseaux de Neurones", with Javier Burroni.
In SSTIC (Symposium sur la Sécurité des Technologies de l'Information et
des Communications), Rennes, France, May 31-June 2, 2006.
"Foundations and Applications for Secure Triggers", with Ariel
Futoransky et al.
In ACM Transactions on Information and System Security (TISSEC), Volume
9, Issue 1 (February 2006), pp. 94--112. ISSN: 1094-9224.
"Analyzing OS fingerprints using Neural Networks and Statistical
Machinery", with Javier Burroni.
In EUSecWest, London, February 20/21, 2006.
"Advanced Software Protection Now", with Diego Bendersky et al.
In CoreLabs Technical Report (2003).
For more information see:
http://corelabs.coresecurity.com/index.php?action=view&type=researcher&name=Carlos_Sarraute
Asterisk Resource Exhaustion DoS: Don’t let the fuzz get you!
While fuzzing Asterisk’s IAX protocol it was discovered that it was riddled with resource exhaustion DoS vulnerabilities. How did an IETF document get migrated into a Perl fuzzer to produce over 12 0days? How could criminals profit from these bugs? How can these bugs be weaponized by rogue governments? Why aren’t these bugs getting fixed? This and more will be discussed with PoC demonstrations. A script to monitor and alert administrators if an Asterisk PBX is being targeted by these bugs will be released.
Blake Cornell has been an IT innovator and developer with over 12 years experience in software and security. He has consulted Fortune 500 companies and various law enforcement agencies with hopes of utilizing technology to ease real world issues. He currently has vested interests in a few companies providing network and application security as well as VoIP telephony. His latest endeavor, Remote Origin, Inc. is proud to offer the first to market software telephone utilizing centralized administration mechanisms with Asterisk. His personal project, Security Scraper, is currently harvesting over 500 computer security related records daily which he uses to track trends within the security industry. He is a proud member and supporter of InfraGard, a partnership between the Federal Bureau of Investigation and the private sector, and OWASP, the premier application security consortium.
He has spoken at or is scheduled to speak at Briarcliffe College (Bethpage, NY), Astricon (Phoenix, AZ), The Last Hope (New York, NY) and ICCS 2009 (New York, NY).
He has been mentioned or quoted from organizations such as CNet News, Communications News, Security Focus, Fierce VoIP, NIST NVD, Security Vulns, Cabling Installation & Maintenance Magazine.
Massive malicious activities (malware spreading, DDoS attacks)
Massive malicious activities (malware spreading, DDoS attacks) and attacks on infrastructure in large-scale networks: how they could be analyzed via simulation. I'll present examples of approaches to malware and network security systems models, that I'm working on with my students at MSU.
Graduated from Moscow State University in 2004, M.Sc. in Computer Science and Calculation Math, Ph.D.-in-waiting. Areas of expertise:
- Network and malware outbreaks simulation
- Simulation and modeling for security systems design and performance analysis
- Data mining algorithms in attack and virus detection
Presently employed at the Computer Systems Laboratory at the CMC faculty of Moscow State University as research and development projects manager. Alexei co-leads the Network Security seminar for CMC students and provides advice and critique for security-related research efforts.
General topic of speech: network security, malicious activity analysis and predictions (malware spreading, DDoS)
OpenVAS - Open Vulnerability Scanning
OpenVAS stands for Open Vulnerability Assessment System and is a network
security scanner. The core component is a server with a set of network
vulnerability tests (NVTs) to detect security problems in remote systems
and applications. OpenVAS is capable of performing local and remote
security checks, and currently checks can be written in NASL and OVAL. At
the time of this writing, OpenVAS has more than 10k vulnerability checks
implemented. OpenVAS products are Free Software under GNU GPL and a fork
of (GPL) Nessus.
The current state of OpenVAS will be discussed together with unique features
added to OpenVAS after the fork. Special attention will be given to how
users can benefit from these bright new features (OVAL support, tools
integrated, OTP protocol, etc). Also, it will be an open invitation for
hackers to come and help in making OpenVAS a better product.
Vlatko Kosturjak is a security consultant delivering his services across
Europe, Middle East and Africa (EMEA). He contributes to OpenVAS,
Nessus, nmap and snort (to name a few). He has spoken at various regional
conferences in Europe in Croatian and English. Vlatko is
president of the Croatian GNU/Linux Users Group called HULK.
Automated malware analysis, forensic analysis, anti-virus technology
In 1993, various researchers started mentioning "the glut problem", a problem best
described by the large quantities of new viruses that started flooding anti-virus
laboratories. At that time there were 3000 known viruses and pessimistic estimates
ranged from 4500 to 5000 total viruses in 1995.
Welcome to 2009.
Nowadays most AV programs have passed the 3 million mark and more than 5000
new viruses appear _daily_. AV software is getting bigger and bigger and it's getting
harder every day to deliver signature updates to the customers.
To address this problem, AV vendors have developed "cloud scanning", a technique that
keeps at least parts of the signatures on dedicated servers. In our implementation,
the client also uses compromise detection and forensic analysis techniques to gather
information.
A lot of information.
This presentation will describe the types of information we gather and the specific
techniques used to retrieve it from the possibly-compromised hosts. We will also describe
the server component and the methods used to process and use the information for
tasks ranging from sample prioritization to full automatic blacklisting.
- Mihai Chiriac (Romania)
Position: Head of Research & Development, BitDefender
Mihai manages the BitDefender Research team, designing and overseeing the development of new
technologies, ranging from dynamic binary translation to intrusion prevention, compromise detection
and forensic analysis. He has more than ten years' experience in analyzing malware and designing
detection technologies.
In recent years, Mihai worked as a consultant for a UK start-up company specialized in
Intrusion Prevention. He has written a number of papers that were published in national
and international publications. Recently, he was invited to speak at the Virus Bulletin
Conference (Ottawa, 2008 and Geneva, 2009) and Hack.Lu Conference (Luxembourg, 2008).
He is passionate about aviation and he's currently studying to get his Private Pilot License.
Flash Remote Hacking
I've been very active in researching vulnerabilities in Flash remoting
and have implemented a tool which I plan to release which performs a
number of attacks against Flash RPC servers. This work builds off my
coworkers presentation given at Black Hat Vegas last year.
General topic of the speech (eg.: network security, secure programming, computer forensics, flash application pentesting, etc.)
- Jon Rose (USA)
Security Consultant
Trustwave - SpiderLabs
Jon has close to a decade of experience performing network and
application security assessments, including network penetration
testing, blackbox application testing, and code reviews across a wide
range of programming languages and technologies. Jon has also led IT
policy, standards, and guideline projects, as well as providing IT
security remediation support for commercial and government clients.
His security expertise also includes building enterprise security
programs, providing guidance in an enterprise security architect role,
and building security into organizations' existing software development
lifecycle.
Auditing and securing PHP applications
PHP Code Audit
In this lab, we will carry out a security audit of the code of a web application. The technical objective is to produce a report and cover all phases of the investigative work: source analysis, identifying vulnerabilities (XSS, injections, disclosure, etc.), hardening recommendations, and prioritization of tasks.
Philippe Gamache
Parler Haut, Interagir Librement
Philippe Gamache has been involved in the PHP community since 1999, promoting the language, taking part in local groups, organizing conferences, speaking at conferences and writing technical articles.
Philippe is the editor and webmaster of the PHPortail portal, www.phportail.net
He is co-author of the book "Sécurité PHP 5 et MySQL 5". He sits on the board of directors of the Montréal chapter of OWASP.
He is the president of Parler Haut, Interagir Librement, a company that performs security audits and penetration tests of PHP web applications. He also offers training on secure programming in PHP.
Invited Speakers
Richard Matthew Stallman will speak at FRHACK 01.
Richard Matthew Stallman (born in Manhattan on 16 March 1953), also known by the initials RMS, is a programmer and free software activist. He originated the GNU project and the GNU General Public License, also known by the acronym GPL, which he wrote with the lawyer Eben Moglen. He popularized the term copyleft (which can be rendered in French as "copie laissée", but which began as a play on the word copyright and on the opposition between "gauche d'auteur" and "droit d'auteur", i.e. author's "left" versus author's "right"). A renowned programmer in the American and international computing community, he has developed many programs, the best known among developers being the GNU Emacs text editor, the GNU C compiler, the GNU debugger and also, in collaboration with Roland McGrath, the GNU Make build tool. [Wikipedia]
Free admission for this talk
David Hulton has been working in the security field for 5 years and currently specializes in 802.11x wireless network security development, specifically in exploiting its weaknesses. He is the lead developer of the bsd-airtools project, a complete set of auditing and penetration testing tools for 802.11x. David is also the founder of Nightfall Security Solutions and one of the founding members of Dachb0den Research Labs, a non-profit association in Southern California. He is also an organizer of the ToorCon computer security conference and has contributed to numerous security and Unix systems meetings in San Diego, California.
David Hulton is one of the founding members of Pico Computing, a manufacturer of compact embedded FPGA computers dedicated to the revolutionary development of open-source applications for FPGA systems.
The Good, the Bad, and the Ugly of Crypto
What crypto is strong these days? What is really feasible for an
attacker and what isn't? What's faster for breaking crypto? CPUs?
GPUs? FPGAs? The Good, the Bad, and the Ugly of Crypto will take you
on an adventure through a handful of crypto examples including DES,
MD5, SHA-1, and some proprietary algorithms used for RFIDs and VoIP
systems to give you a better understanding of how to answer these
questions and a few scenarios of what happens when crypto designs go
horribly wrong.
Cesar Cerrudo is an Argentinian security researcher and consultant specializing in application security. Recognized as a talented security researcher, Cesar has discovered and helped fix dozens of vulnerabilities in applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. Cesar has published several white papers on the security of database management systems and applications and on attacks and exploitation techniques, and has been an invited speaker at numerous conferences including those of Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest and WebSec. Cesar contributes to, and is regularly quoted in, online publications such as eWeek, ComputerWorld, etc.
Rodrigo Rubira Branco (BSDaemon) is a Brazilian security expert at Check Point Software Technologies and Senior Vulnerability Research Consultant at the Vulnerability Research Lab (VRL) of COSEINC.
He worked as a software engineer at IBM, as a member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC).
He maintains several open-source projects and has spoken at the most important security conferences around the world.
Rodrigo is also a member of RISE Security (www.risesecurity.org).
Jérôme Athias (securinfos.info) will open the FRHACK 01 conference with an introduction.
Jérôme is a French computer security researcher. He is active on various security-related forums and mailing lists. He also contributes to several projects in the IT security field (e.g. the Metasploit Framework, freerainbowtables.com).
Jérôme has spoken at international computer security conferences such as Toorcon (San Diego, USA) and VNSecon (Ho Chi Minh, Vietnam).
He is now principal consultant at JA-PSI, a company specializing in computer security audits and penetration tests.
Note: Unfortunately, some previously invited speakers will not be available for FRHACK 2009.