Coming soon ...
Coming soon ...
Subtitle: Broadcom based Cable Modem Hacking for fun and profit
Many last-generation Cable modem are based on last generation Broadcom chipsets, allowing multiple applications to run, multitask support and various embedded files such as HTML pages or resources. This talk aims at presenting simple tools and methods to break into these modems, dump information from specific components, and also presents many features of the BCM3383 chipset.
The author wrote many tools dealing with packed firmwares and files, and identified many ways to hack the way cable modems work. These tools will be made publicly available once the talk done.
In order to be successful, old-school arcades had to be awesome. To be awesome, they were often running on dedicated hardware.
As they were awesome, it triggered an awesome level of piracy, for which bootleggers were ready to remake from scratch the whole hardware.
In order to fight that, the industry came with awesome dedicated protections, and some of them are still undefeated nowadays.
This talk introduces the world of old-school arcades, and explains what it took to prevent some of them to be lost forever.
This is a talk on perspectives. I step outside of mine to see hacking around the world though different views. We will explore how companies who publish reports help skew the global perspective. We will look at how people from different parts of the world see hacking/ information security from their own perspective. We will hear a few tales of what I saw through my perspective of a stranger in a foreign land. We will then explore a small slice of history of a few hackers to gain a better perspective of where we have been, where we are now and where we are heading. This talk was not only created to entertain and enlighten the conference attendees to take a step back and look at what they themselves are a part of. It was made for them to share with friends, family and coworkers. So people on the outside could get a better understanding of what a hacker truly is and why being one is such a great thing to be!
"Cloud" is slowly replacing some parts of our the web we have been used to deal with, in this talk we will see how to understand and adapt our toolkits and our attacks to this "cloud" world.
This presentation will show you how to duplicate a key, with no experience, applicable on standard keys, dimple keys and even high security pump locks keys. Only for a few bucks.
Commercially available code cutting machine usually cost more than 10 000 euros, and the are dedicated to a specific type of key. Even locksmiths are pretty rare to own one, because the total invesment is around 60 000 euros if you want to duplicate a large part of the key available on the market.
Using a CNC milling machine can be very helpful, for less than 5 000 euros, or even less than 1 000 euros with DIY machines. And this machines are more and more present in HackerSpaces and FabLabs.
And what about 3D printing ?
Please come and you will know ;-)
Take back the control over your physical security !
This talk deals with home automation (also called "domotics") and its security concerns: assets and security protection, privacy and digital security. These security aspects are closely related, actual intruders not relying only on classical intrusion techniques and tools but also on new technologies: social networks, specific-purpose electronic devices and computers.
Many opensource and closed solutions and their vulnerabilities will be demonstrated , showing their lack of maturity but also the fact developpers do not follow best practices. Moreover, this talk questions on of the most announced marketing motto: "Protect your assets and your family with our home automation box !"
Many live demos will be performed on some of the presented home-automation solutions, showing the ease and possible impact in real life.
1. Example based on the Téraillon TX6000 scale
2. Arduino code for weight reading
3. Communication method : Sigfox network with Akeru board, why and how.
4. Results : history of an actual behive mesures
This talk will show a very common weakness in RSA signatures. We will be able to computationally extract public RSA keys from communications and embedded systems in case the public key is voluntarily not published. This weakens RSA signatures where keys of small sizes and/or quality are used and allows direct factoring attacks. 2 studies will be conducted on PGP/GPG e-mails and on the Vigik access control system which protects access to nearly 1 million buildings in France.
Global surveillance emerged as a phenomenon since the late 1940s and Internet and mobile technology are being developed with such pace that it is impossible to guarantee electronic privacy and nobody should expect it. How strong are the actual Instant Messaging Platforms? Do they take care of our security and privacy? We'll look inside the security of several clients (like BBM, Snapchat, Viber or Line) and will put our focus on WhatsApp.
WhatsApp might not be as widely known as Twitter, but the company announced that it has passed 400 million active monthly users. WhatsApp has been plagued by several security issues in the past, so we decided to start the research. We’ve discovered several vulnerabilities more that we'll disclosure (with proof of concept code), including encryption flaws, remote DOS (making the client crash by sending a custom message) or how to spoof messages manipulating sender address information.
We've been messing with all kind of public devices in the last years, in airports, malls, cinemas, museums or even just on the street.
In this talk, we will expose again the experiences Borja talked previously at RootedCon (Spain) and Zack will tell about his experience as well and add as much new owned devices as possible.
Interactive kiosks, ticket-selling machines, ATMs... In this talk we will see what kind of computers are being offered to everyone who wants to.
All kinds of devices exposed to the hands of anyone in public and easily accessible. How secured are them? And what is more important ... In which networks are those devices connected to? In this talk we will talk about all this terminals which access has been obtained by escaping the legit applications, their locations, and methods used to access the underlying systems will be discussed.
The main point of the talk is to expose how it is possible to acquire control of the underlying system of this computers.
Memory error exploits have been around for quite some time now, but despite all the efforts to prevent these attacks, they are still one of the most commonly exploited vulnerabilities to get arbitrary code execution - sometimes even with system privileges - on a target machine. Most of the protections currently deployed are probabilistic, meaning that they can make the exploitation of memory errors harder and more time consuming, but they cannot prevent them deterministically. It turned out that ASLR can be bypassed with techniques such as heap spraying, and that stack canaries can be left untouched by simply overwriting pointers other than the return address. Furthermore, these security mechanisms rely on keeping the seed secret, which cannot always be assured.
We propose a technique that provides deterministic protection against all memory corruption attacks that perform full pointer overwrites to redirect the execution flow. The key ideas are address space partitioning, process replication and I/O synchronization. Deterministic protection can be achieved by making sure that any virtual memory address is only valid in one of the processes. Any memory corruption attack that attempts to redirect the execution flow by a pointer overwrite, cannot be successful in both processes. Since both processes are fed with the same input, it will result in a segmentation fault in one of the processes. By monitoring the processes at system call ganularity, it can be assured that malicious code cannot do any damage to the system.
A PoC was developed in the course of the research, which is published under the terms of the LGPL.
A key challenge in today's malware analysis is the use of evasions, a set of techniques that malicious artifacts use to determine if they are running inside analysis environments and to evade their detection.
In this talk, we will review evasion techniques found in-the-wild in binary and web-based malware (i.e., malicious web pages). We will also present two systems that we have introduced to detect and bypass common evasion techniques used in these contexts.
The talk will leverage our experience with doing malware analysis in a commercial settings at Lastline, as well as years of experience in running two academic malware analysis systems: Anubis (http://anubis.iseclab.org) and Wepawet (http://wepawet.cs.ucsb.edu).