Workshop
“Fuzzing Practical Applications”

Speaker: Omair

The workshop is for people starting up in fuzzing.

It highlights how finding bugs through fuzzing is rather easy and doesn't require a high level of skill.

It is oriented in a way that encourages fuzzing, for better software (Yeah, right!).

  • Setting up Infrastructure
    • Loving your Hardware
    • Windows — Updates and the Bandwidth
  • Dumb Fuzzing (XLS/DOC)
    • Gathering Samples/Differentiating Samples
    • Effectiveness
    • Targeting Wrong Formats
    • Hands On — 10 line fuzzer and Exploitable Crashes
  • Smart Fuzzing (HTML)
    • Looking at the Past
    • Known Fuzzers, Known Bugs
    • IE vs. Firefox vs. Chrome
    • Hands On — HTML Fuzzer and the Grinder Framework
  • Fuzzy Logic and Basic Analysis
    • Too many crashes, Too many duplicates

Requirements for participants in the workshop:

  • 2-3 hours
  • Attendees will have to bring their own laptops capable of running a supplied VM

“Timing analysis”

Speaker: Roman Korkikyan

During the workshop we will recover the secret keys of DES and AES software implementations by measuring their execution time. This cryptanalytic method is called timing analysis. Timing analysis is the simplest of all side channel attacks. Mastering timing analysis will allow you to understand advanced side channel attacks, including electromagnetic analysis, differential photonic emission analysis and differential power analysis.

Key topics:

  • Where does time variation come from?
  • When does execution time allow recovering the secret key?
  • How is the key recovery performed?

Requirements:

  • Knowledge of AES and DES implementations.
  • Standard math (vectors, correlation, Hamming distance).
  • Laptop with the gcc compiler.
  • 4 hours

What you get before the workshop:

  • AES and DES software implementations
  • Databases that include plaintexts, ciphertexts and execution time.
  • The analysis code, with several lines omitted so that they can be recovered during the workshop.

“An introduction to the use of SMT solvers for software security”

Speaker: Georgy Nosenko

This workshop aims to acquaint students with the results of recent research in the area of code analysis using SMT-solvers.

During the training, participants will gain theoretical knowledge of the principles underlying the techniques that researchers use for vulnerability discovery, exploit development and reverse engineering, and will then consolidate this knowledge in practice.

The goal

The goal of this workshop is to interest students in SMT and to give them the basic knowledge necessary for effective use of tools based on SMT-solvers.

Some topics:

  • basic use of SMT-solvers (z3);
  • symbolic/concolic execution;
  • intermediate language;
  • exploit generation;
  • protection analysis.

Participant will receive:

  1. Basic use of SMT-solvers:
    • Knowledge about SMT (What is an SMT-solver? How does it work? How is an SMT formula built?)
    • Skills in expressing logical formulas in SMT-LIB.
  2. Software security assessment:
    • How can SMT-solvers assist in finding integer overflow vulnerabilities?
    • Skills in integer overflow checking;
    • Fuzzing and symbolic/concolic execution (concept, advantages, tradeoffs, limitations)
  3. Exploit generation:
    • How does a ROP compiler work?
    • Skills in using an SMT-solver to assist in building a ROP chain;
  4. Protection analysis:
    • Skills in using binary analysis tools;
    • Automated keygen generation.

Requirements for participants in the workshop:

  • 2 hours
  • Computer with VMware Player 5

“BlackBox analysis of iOS apps”

Speaker: Dmitry 'D1g1' Evdokimov

As the popularity of mobile applications grows, so grows the demand for their security assessment and vulnerability research. Apple iOS devices are among the most popular products on the market. A lot of software of all kinds is created for these devices, from entertainment to banking and business applications.

In this workshop, we will acquaint ourselves with the structure of iOS applications, with the approach to searching for iOS vulnerabilities without source code analysis, and with the tools that can help us.

Features:

  • iOS structure (design, Objective-C, ARM, security mechanisms, jailbreak, ...)
  • iOS applications (the Mach-O format, application design, …)
  • Basic iOS vulnerabilities
  • Static and dynamic iOS analysis tools

Participants will receive:

  • An understanding of how iOS and iOS apps work
  • Basic knowledge about iOS vulnerabilities
  • The skills of using the basic tools for finding vulnerabilities in iOS apps

Requirements for participants in the workshop:

  • 2 hours
  • Jailbroken iOS device

“Advanced Threats Reverse Engineering”

Speakers: Aleksandr Matrosov, Eugene Rodionov

The workshop is devoted to the analysis of malware created using object-oriented programming languages. Recently we have seen a large spike of complex threats with elaborate object-oriented architecture, the most notorious examples being Stuxnet, Flamer and Duqu. The approaches to analysing such malware are rather different from those used for malware developed in procedural programming languages. The authors will consider examples written in C++ and compiled with MS Visual C++.

In the workshop the authors will share with participants the experience of reverse engineering object-oriented code that they have accumulated over recent years while analysing complex threats.

Topics:

  • introduction to object-oriented code reverse engineering: calling conventions, compiler transformations, system structures (vftables, RTTI), etc.
  • using static code analysis tools for reconstructing complex data types
  • automating C++ code reverse engineering using IDA Python and Hex-Rays Decompiler SDK
  • methodology of object type reconstruction using Hex-Rays Decompiler extensions (HexRaysCodeXplorer)
  • analysis of malware with object-oriented architecture (C++) and position independent code: Stuxnet, Flame, Gapz

Participants will receive:

  • understanding of object-oriented and position independent code with respect to reverse engineering
  • practical experience of using IDA Pro and Hex-Rays Decompiler for reconstructing complex data types
  • basics of developing plugins for Hex-Rays Decompiler
  • practical experience of complex threat analysis: Stuxnet, Flamer, Gapz

Requirements for participants in the workshop:

  • 4 (5) hours

“Hacking HTML5”

Speaker: Krzysztof Kotowicz

HTML5 is here, introducing a ton of advanced functionality and a plethora of new quirks. Novel web applications are being created, and browser vendors compete in implementing cutting-edge features. History shows that whenever a new technology is rapidly adopted, security suffers, and it is no different this time.

This workshop will introduce you to the HTML5 technology stack, giving you a solid understanding of modern web applications and how they are exploited. The focus is on practical solutions, demonstrating tools, bypasses and offensive techniques. It's not yet another OWASP Top 10 & XSS with «img src=x onerror» type of thing. This course teaches brand new techniques — to name a few, you will need to bypass browser XSS filters, hijack communication, exploit FTP servers through browsers and prepare your own clickjacking campaign.

Plan:

  • Same Origin Policy — quirks, flavors and bypasses
  • XSSing with HTML5 — twisted vectors and amazing exploits
  • Exploiting Web Messaging
  • Attacking with Cross Origin Resource Sharing
  • Targeting Client side storage and Offline Cache Poisoning
  • Using WebSockets for attacks
  • In-browser exploits for tunneled TCP servers
  • Iframe sandboxing & clickjacking
  • Bypassing Content Security Policy
  • Webkit XSS Auditor & IE Anti-XSS filter — behind the scenes

Target audience:

  • penetration testers
  • security professionals
  • frontend web developers
  • JavaScript developers

Requirements for participants in the workshop:

  • 4 hours
  • Web security knowledge (basic TCP/IP, the HTTP protocol, HTML, XSS, CSRF, client side security) and practical experience with the common toolkit (intercepting proxies, Linux command line, scripting, netcat) are required, as the workshop will be pretty intense. JavaScript programming skills and familiarity with browser debugging tools (Firebug etc.) are recommended. A VM (VirtualBox) with the necessary tools will be provided, though a standard Linux box with current browsers (Chrome / Firefox / Opera) installed will be enough to get you started.
