POC2011 - "Power of Community"


 

This page is being updated. More material will be added.

# Archives of POC2011

- Hubris: Red Dawn (Analysis of Red Star Linux of North Korea)
- zwell: Starting from Pangolin
- vessial: New Threat Based on Chinese P2P Network
- x82: Android Rootkit & Touch Pad Based Attack
- Michael Sutton: Corporate Espionage for Dummies: the Hidden Threat of Embedded Web Servers
- Yaniv Miron: SCADA Dismal, or Bang-bang SCADA
- redhidden: Summary of Flash File Format & 0-days and Analysis of Malicious Flash File Attack
- Passket: Some Tricks of Exploiting
- Xu & Xiaobo: Rootkit for iPhone & Ways to Launch a Real Attack
- silverbug: Truth and Falsity of Various Services

   
   

 

   

 

* All files are from POC2011 CD. Some updates are applied here, but not all.

  Videos are not available right now, but will be uploaded some day.

  

 

* BackTrack 5 R1 Korean version for POC2011 by Captain Hook

- BT5R1-KDE-64bit-KR-POC.iso

- BT5R1-GNOME-64bit-KR-POC.iso

 

* POC2011 Opening Slide

 




# Speakers of POC 2011

# Hubris, "Red Dawn (Analysis of Red Star Linux of North Korea)"

Hubris is retired from the USAF, where he spent his last four years as a Computer, Network, Cryptography, and Telephone Switching Technician (2E2x1). His military qualifications include: Theater Battle Management Core Systems (TBMCS), Fedora System Administration, Sun Solaris, Combat Communications, Equipment Control Officer, Wire Dog. Hubris has spoken at Dartmouth University (RF-ID attack vectors, Modern Electronic Warfare), Hope (Hacking Terrorist Networks), Defcon2011 (Modern Cyber Warfare), Phreaknic (Social Engineering), Pump-Con (Trolling for Sensitive Information), and Toor Camp (Trolling for Sensitive Info).

 

Missions: Global War on Terrorism, Joint Expeditionary Force Experiment, Global Strike, maintained 24 hours Combined Air and Space Operations Center (CAOC)

 

The talk educates listeners on the methods used by the elite North Korean hackers to gain access to the systems of the West, and shows that North Korea is a serious threat to national security in the realm of cyberspace. It demonstrates how to use their proprietary operating system as an attack OS, shows its built-in spyware features and how the enemy uses them to monitor its own citizens in North Korea, and finally shows how Red Star OS can be taken over by a malicious user to undermine the Great Leader. For educational purposes only. All copies of Red Star OS should be considered rooted by the DPRK!

 

 

# Michael Sutton, "Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers"

Michael Sutton has spent more than a decade in the security industry conducting leading-edge research, building teams of world-class researchers, and educating others on a variety of security topics. As Vice President of Security Research, Michael heads Zscaler ThreatLabZ, the research and development arm of the company. Zscaler ThreatLabZ is responsible for researching emerging topics in web security and developing innovative security controls, which leverage the Zscaler in-the-cloud model. The team is comprised of researchers with a wealth of experience in the security industry.

 

Prior to joining Zscaler, Michael was the Security Evangelist for SPI Dynamics where, as an industry expert, he was responsible for researching, publishing, and presenting on various security issues. In 2007, SPI Dynamics was acquired by Hewlett-Packard. Previously, Michael was a Research Director at iDefense where he led iDefense Labs, a team responsible for discovering and researching security vulnerabilities in a variety of technologies. iDefense was acquired by VeriSign in 2005. Michael is a frequent speaker at major information security conferences; he is regularly quoted by the media on various information security topics, has authored numerous articles, and is the co-author of Fuzzing: Brute Force Vulnerability Discovery, an Addison-Wesley publication. Michael holds a Masters degree in Information Systems Technology from George Washington University and a Bachelor of Commerce from the University of Alberta.

 

Today, everything from television sets to photocopiers have an IP address and an embedded web server (EWS) for device administration. Need to record a show? Start the DVR with a mobile app. Want a digital copy of a previously photocopied document? No problem. While embedded web servers are now as common as digital displays in hardware devices, sadly, security is not. What if that same convenience exposed photocopied documents online or allowed outsiders to record your telephone conversations? A frightening thought indeed.

 

Software vendors have been forced to climb the security learning curve. As independent researchers uncovered embarrassing vulnerabilities, vendors had little choice but to plug the holes and revamp development lifecycles to bake security into products. Vendors of embedded web servers have faced minimal scrutiny and as such are at least a decade behind when it comes to security practices. Today, network connected devices are regularly deployed with virtually no security whatsoever.

 

The risk of insecure embedded web servers has been amplified by insecure networking practices. Every home and small business now runs a wireless network, but it was likely set up by someone with virtually no networking expertise. As such, many devices designed only for LAN access are now unintentionally Internet facing and wide open to attack from anyone, regardless of their location.

 

Leveraging the power of cloud based services, Zscaler spent several months scanning large portions of the Internet to understand the scope of this threat. Our findings will make any business owner think twice before purchasing a wifi enabled device. We'll share the results of our findings, reveal specific vulnerabilities in a multitude of appliances and discuss how embedded web servers will represent a target rich environment for years to come. Additionally, we'll unveil the latest iteration of brEWS, a free EWS scanner and crowd sourcing initiative designed to build a global database of EWS fingerprinting data. Traditional security scanners largely ignore EWSs and gathering appropriate fingerprinting data is a challenge as most reside on LANs where external scanning is not an option. As such, we are issuing a call to arms to collectively gather and share this information.

 

 

# Passket, "Some Tricks of Exploiting"

 

 

# redhidden, "Summary of Flash File Format & 0-days and Analysis of Real Malicious Flash File Attack"

RedHidden is a security researcher who works for AhnLab. She is excellent at malicious code analysis, network traffic analysis, and vulnerability analysis. She is the first woman speaker of POC!

 

The era of the APT attack has arrived. An APT (Advanced Persistent Threat) is a kind of attack whose main purpose is to steal core information of a specific company or organization through persistent attack. In particular, vulnerabilities in document applications are used together with social engineering to attack the internal system. In this presentation, she will introduce the structure of the Flash file, which can be used for APT attacks as well as for web attacks, and analyze some important known 0-days. From the perspective of an analyst, she will also introduce some techniques for identifying the features of real malicious Flash (swf) files and show how to analyze them, with a demo.

 

 

# silverbug, "Truth and Falsity of Various Services"

Silverbug is a Security Researcher working in AhnLab, Inc. His main job is to analyze malware and vulnerabilities, and is interested in security threat research. He has participated in Defcon CTF finals and won hacking contests many times. His work and research were presented in POC2009 and POC2010.

 

Silverbug will present various security problems in WIFI and authentication through SNS messages in some web sites and real name authentication. He will also demonstrate jailbroken iOS and Android key/pattern unlock. And he will show CSRF and XSS attacks are easy to launch in some conditions.

 

 

# vessial, "A New Threat Based on Chinese P2P Network"

vessial is a research scientist in IDT@ McAfee Labs, providing security detection solutions for NIPS. He focuses on protocol specification analysis, reverse engineering, P2P security research, botnet & malware detection, mobile security, etc.

 

In this presentation, he will disclose how China's biggest P2P network, Thunder, can be exploited to launch a large-scale DDoS attack. From this topic he will introduce the Thunder network architecture, its design flaw and the potential threat. He will let you know the truth with some demos.

 

 

# x82, "Android Rootkit & Touch Pad Based Keylogger"

X82 (You Donghun) is the director of the smart platform security lab at Inetcop. He is also in a doctoral program in information security. He has given lectures to various national institutions and at seminars and conferences on various security related topics. He has written and publicized numerous security advisories and POC exploits since 2002. He also worked for SNOSOFT as a security advisor, checking their security advisories and writing exploits. Check his website for more information.

 

We have seen various Linux kernel hooking techniques from some pioneers. This presentation covers hooking techniques that can be used in the Linux kernel on the Android platform using the ARM (Advanced RISC Machine) processor. The presentation is composed of three parts. The first part covers the 4 hooking techniques that can be used on ARM Linux kernels on any machine. The second is about transforming an existing Linux kernel rootkit into a smart phone rootkit. The last part is how to access the kernel via the kmem device. It is necessary because the rootkits only work on certain versions of kernels. The mottos of the presentation are 'smart' and 'simple'. He focuses on hooking by modifying the least kernel memory and by taking the simplest way. In addition, a touch pad keylogger that can be used on Android Linux will be explained.

 

 

# Xu Hao & Chen Xiaobo, "Rootkit for iPhone & Ways to Launch a Real Attack"

Chen Xiaobo is a research scientist at McAfee Labs. He has been involved in computer security since 2000, working on scanner and HIPS products. Now he mainly focuses on vulnerabilities, new technologies for vulnerability exploitation, and iOS exploitation.

 

Xu Hao now focuses on OSX/iOS software development and security research. He also has more than 5 years of experience in Windows security research. Main research areas: OSX/iOS/Windows security, rootkits and malware, hardware virtualization technology, reverse engineering, smart card & PKI.

 

In this topic we will first introduce how to develop a rootkit for iOS. The functions of the rootkit will include retrieving location and a key logger. We show the technique for implementing a backdoor at kernel level. After that, we intend to demonstrate a way to install the rootkit. In this part, we take JBM3 as an example. We will analyze the vulnerability used by it and show how to rewrite the exploit to install our rootkit. At the end, the DEMO will be shown.

 

 

# Yaniv Miron, "SCADA Dismal, or, Bang-bang SCADA"

Yaniv Miron is an information security consultant and researcher currently working at "IL Hack" as a security consultant and researcher for major organizations. Yaniv is a senior instructor at the "IL Hack Institute" that teaches hacking classes in Europe. Yaniv is the founder of the largest Israeli hacking convention - IL.Hack. Yaniv is certified as a CISO from the Israel Institute of Technology and a Certified Locksmith. Yaniv spoke at security and hacking conferences all around the world (BlackHat/SyScan/CONFidence/HackerHalted/OWASP/IL.Hack). Yaniv is highly skilled with hands on penetration testing and security research and found many security vulnerabilities (Microsoft/Oracle/IBM).

 

Water, Oil, Nuclear, Electric, The air you breathe, wouldn't it be fun to hack into it? In this presentation I will show you the ease of hacking into the systems that run our lives (SCADA - Supervisory Control And Data Acquisition), how weak their protocols are and how lame they are deployed. If you wanna play with the big boys' systems - be in this SCADA hacking talk. A new tool will be revealed in the talk.

 

 

# zwell, "Introduction about the Unique Web Hacking Techniques of Chinese Hackers"

zwell is the author of Pangolin (a SQL injection test tool), JSky (a web vulnerability scanner), and iiScan (first free online web security scanner of the world). He founded NOSEC. LTD. Now he works at Qihoo 360.

 

zwell will analyze his famous SQL injection tool, Pangolin, in detail. He will also present web security testing techniques. In addition, he will talk about the Chinese web security situation and discuss what we can do together.

 


 

# Training Course

passket, "Finding 0-days"

Black Box Vulnerability Testing for x86 Win32 Binary

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

silverbug, "Practical Web Hacking"

- HTTP Protocol
- Server/Client Side Script
- XSS/CSRF
- SQL Injection
- File Upload / File Download
- LFI/RFI
- HTTP Authentication
- Command Injection
- JavaScript KeyLogger / JavaScript Command Execute
- Phishing
- A Simpler Way of Finding 0day

 

 


 

# Events of POC2011

 

# "CD Capture The Flag" by Hackerschool (http://www.cdctf.com)

- A hacking contest for children under 13 years old

- This covers hacking, security, programming-algorithm, quiz, etc.

- Qualifying round: October 29, 2011(online, 10:00 ~ 22:00 KST)

- Final round: Nov. 3(in the POC2011 event room, 10:00 ~ 20:00 KST)

 

 

# "Power of XX" by SISS (http://www.powerofxx.com)

- A hacking contest for women only

- Qualifying round: October 29, 2011(online, 10:00 ~ 22:00 KST)

- Final round: Nov. 3(in the POC2011 event room, 10:00 ~ 20:00 KST)

 

# "Hack The Packet" by Bunny Black (http://www.hackthepacket.com)

- A packet hacking contest based on network traffic dumps

- 1st qualifying: October 18, 2011(online, 19:00 ~ 22:00 KST)

- 2nd qualifying: Nov. 3(in POC2011 event room)

- Final Round: Nov. 4(in POC2011 event room)

 

# "Hack My Mind" by Y0U&M3

- Quiz contest about hacking/security

- Qualifying and final round: Nov. 3 ~ 4(in POC2011 event room)

 

# "Hand Reversing" by SecurityFirst

- Read printed assembly codes and guess the result!

- Nov.3(in the POC2011 event room)

 

# "Hunt-and-peck Programmer" by SecurityFirst

- You are an excellent programmer, but if you use our keyboard...

- Nov. 3~4(in POC2011 event room)

 

# "Beat the Keyboard & Mouse" by SecurityFirst

- Just beat as strong as you can.

- Nov. 3~4(in POC2011 event room)

 

# "Multiplayer" by Guardian

- Show your web, reversing, cryptography, and programming skill(in the POC2011 event room).

 

# "Power of Chaos" by Layer7

- Just enjoy(in the POC2011 event room)!

 

# "SSLStrip for POC" by gilgil

- SSLStrip captures inbound and outbound HTTP traffic, analyzes it in plain text format, and warns that important private information can be disclosed.

 

 



 


# Supporting Friends

song of freedom

 

 

 

 

 


Copyright(c) 2006 ~ 2012 Powerofcommunity All rights reserved.