How to Develop a Secure Web Application and Stay in Mind?
Sqlmap: Under the Hood
Presented by Miroslav Štampar, a professional software developer and security researcher. Currently a PhD student there with majors in security and parallelization. He earned a prestigious Microsoft Certified Solution Developer for Microsoft .NET certificate in 2007, and since then he has been working for AVL (www.avl.com), the world's largest privately owned and independent company for the development of powertrain systems with internal combustion engines, as well as instrumentation and test systems. To satisfy his urge toward security-related subjects, he is one of the developers of sqlmap (www.sqlmap.org), the widely used open source project for automated detection and exploitation of SQL injection flaws, which he has been constantly developing and improving since December of 2009.
Cyber Forensics: Basics
Network Forensics Labs
- network forensics with xplico — demo, lab
- network forensics with NetworkMiner
- some challenges for all attendees
Memory Forensics Labs
- live memory forensics — using DumpIt and Memoryze by Mandiant
- memory forensics from a cold computer (after being shut down)
Disk image forensics with OSForensics (the free version) — demo, lab, challenge
The range of topics will vary from the use of traditional NFC 13.56 MHz readers, their API and proprietary software, to Proxmark3 hardware, open source software (LibNFC), known attacks and other RFID uses and practical ideas.
Part of the lab will focus on NXP MIFARE Classic technology, used worldwide for micropayments, building physical security and public transport.
Some case studies will also be considered, using different methodologies and lessons learned related to reverse and social engineering.
Presented by Nahuel Grisolía, a 27-year-old researcher from Argentina. He specializes in web application security and hardware hacking. He has discovered vulnerabilities in McAfee IronMail, VMware and ManageEngine ServiceDesk Plus, and also in free software projects like Achievo, Cacti, OSSIM, Dolibarr and osTicket.
He has delivered trainings at a number of conferences around the world: BugCON (Mexico), H2HC (Brazil), Ekoparty (Argentina), OWASP events (Argentina), etc. He is half of an Information Systems Engineer and holds a CEH and a private pilot certification.
Presented by Anton Dorfman, a teacher and docent at Samara State Technical University (SSTU). He is the author of two academic programs: "Hardware and Software Information Security" and "Protection of Computer Information Processes".
He has been an organizer and playing coach of SSTU student teams taking part in CTF competitions since 2009. Teams' achievements: 1st (Magic Hat) and 3rd (0DEADBEEFh) places in the regional competition Volga CTF 2011, 2nd place in Volga CTF 2012, 11th place in the international competition iCTF 2011 (4th result among the Russian teams) together with the team Koibasta SSAU, 22nd place in RuCTFE 2012. Anton placed third in the Best Reverser contest at PHDays 2012.
Windows Kernel: Windows Kernel Boot Camp
- General training (adjusting your OS and debugging tools settings)
- Weapon usage guide (developing WinDBG skills)
- Terrain orientation (kernel information collecting)
- Know your enemy (OS kernel protection mechanisms)
- Combat tactics (exploitation peculiarities)
- Exercises (an example of exploitation of a kernel component vulnerability)
Android Application Security
The hands-on lab will help participants master the main techniques of application security analysis and Google Android forensics. It will include demonstrations of typical vulnerabilities that the experts of Positive Technologies detect in the course of security analysis, including vulnerabilities in Chrome for Android recently fixed by Google and 0-day vulnerabilities.
Presented by Artem Chaikin, the lead specialist of the web applications security analysis team at Positive Technologies.
SAP Attack Methodology
- Detecting available SAP services (by IP range)
- Connecting to Oracle without authentication
- Brute force of service users’ passwords in Oracle
- Detecting accounts (method from the CEH course)
- Password hijacking via Wireshark
- Brute force of passwords from USR02
- Running OS level programs
- RFC connections analysis (credentials storage)
Exploiting SAP NetWeaver 7.0 vulnerabilities
- Detecting running Java services
- Obtaining information by analyzing logs in a SAP Java applet (without authorization)
- Obtaining and analyzing logs as an authorized user with minimum privileges (Java)
- HTTP request forgery in SAP Java services
- Obtaining OS access by exploiting vulnerabilities in services
- Analyzing Java Secure Storage
Exploiting transport system vulnerabilities
- Peculiarities of the landscape of SAP and transport subsystem
- Creating administrative user via transport request forgery
Presented by Vyacheslav Mavlyanov, an information security expert at Positive Technologies.
P. S. For more information about the forthcoming hands-on labs, about reports and speakers, please visit the PHDays website.