
Wednesday, April 24, 2013

PHDays III First Hands-on Labs: Cyber Forensics, Attacks Against SAP and Windows Kernel

The Positive Hack Days III guests will enjoy not only interesting reports, CTF contests and competitions, but also numerous hands-on labs. The PHDays hands-on labs are practical tasks that are held under the slogan 'Deeds, not Words'. Under the guidance of the world's experts in information security, the audience will go deep into the topic and solve practical tasks on information security issues. To take part in the hands-on labs, you just need a basic grounding, a thirst for knowledge and all the necessary equipment (laptop, RFID reader).

How to Develop a Secure Web Application and Stay in Mind?

This hands-on lab covers issues of ensuring web application security throughout the whole development cycle. It touches upon hands-on approaches to detection and elimination of code vulnerabilities. Such approaches comply with the recommendations of Microsoft Security Development Lifecycle. The hands-on lab will be interesting for web application developers and researchers who want to gain experience in secure code construction and in security analysis of projects by means of white-box testing. It is based on Microsoft ASP.NET (Web Pages, Web Forms, MVC, Entity Framework, SignalR); however, it hardly focuses on environment features, so developers and researchers specializing in other web technology stacks may also be interested in it. Each vulnerability class is exemplified by zero-day vulnerabilities in well-known products, web engines and vulnerable web applications.

In the course of the practical part, the most interesting attacks as well as all considered practices and techniques of code handling will be demonstrated.

Presented by Vladimir Kochetkov, an expert of the Positive Research Center (Positive Technologies). Specializes in web application source code analysis and Microsoft technologies security research. Develops automation tools for web application security analysis. A member of the PHDays HackQuest developers team. Contributes to the project of development of the Nemerle programming language.

Sqlmap: Under the Hood

The speaker will present an in-depth analysis of the capabilities and inner workings of sqlmap. Features that resulted from years and years of hard work and careful listening to the requests of a large user community, often taken for granted and/or hidden from plain sight, will all be presented in one place.

Presented by Miroslav Štampar, a professional software developer and security researcher. Currently a PhD student there with majors in security and parallelization. Earned a prestigious Microsoft Certified Solution Developer for Microsoft .NET certificate in 2007, and since then he has been working for AVL, the world's largest privately owned and independent company for the development of powertrain systems with internal combustion engines, as well as instrumentation and test systems. To satisfy his urge toward security-related subjects, he is one of the developers of the widely used open source project for automated detection and exploitation of SQL injection flaws called sqlmap, constantly developing and improving it since December of 2009.

Cyber Forensics: Basics

Network Forensics Labs

  • network forensics with xplico — demo, lab
  • network forensics with NetworkMiner
  • some challenges for all attendees

Memory Forensics Labs

  • live memory forensics — using DumpIT and Memorize by Mandiant
  • memory forensics from a cold computer (after being shut down)
  • labs

Disk image forensics with OSForensics (the free version) — demo, LAB - Challenge

Presented by Alexander Sverdlov, a professional security consultant and trainer. He created and presented the 5-day “Computer Crime and Fraud Prevention” course for Moneybookers (Skrill) and a custom course for ING Insurance Bulgaria. Participated in IT security audits, managed vulnerability reporting and remediation for Microsoft Windows servers, Unix servers and Database servers while working for HP Global Delivery Center EOOD. Alexander is a CEH, CHFI, MCSE and MCTS certified specialist. The author of numerous articles on information security. 

RFID Workshop

Enter the world of the NFC technology (Near Field Communication), focusing on high frequency RFID. Also, the low frequency band will be reviewed because of its well-known use in individual physical access to buildings.

The range of topics will vary from the use of traditional NFC 13.56 MHz readers, their API and proprietary software, to Proxmark3 hardware, open source software (LibNFC), known attacks and other RFID uses and practical ideas.

Part of the lab will focus on NXP MIFARE Classic technology, used worldwide for micropayments, building physical security and public transport.

Some case studies will also be considered, using different methodologies and lessons learned related to reverse and social engineering.

Presented by Nahuel Grisolía. He is a 27-year-old researcher from Argentina. Specializes in Web application security and hardware hacking. He has discovered vulnerabilities in McAfee Ironmail, VMWare and Manage Engine Service Desk Plus, and also in free software projects like Achievo, Cacti, OSSIM, Dolibarr and osTicket.

He has delivered trainings at a number of conferences around the world: BugCON (Mexico), H2HC (Brazil), Ekoparty (Argentina), OWASP events (Argentina), etc. He is half of an Information Systems Engineer and holds a CEH and a private pilot certification.

Shellcode Mastering

The hands-on lab will focus on the fundamentals of shellcode writing specifically for x86 processors, as well as main problems that arise in the course of shellcode creation and problem-solving techniques. The emphasis will be on creating minimum size shellcodes. An example of shellcode optimization will be provided. The participants of the hands-on lab will have a chance to put the acquired knowledge into practice by optimizing a shellcode piece themselves.

Presented by Anton Dorfman, a teacher and docent in Samara State Technical University (SSTU). He is an author of two academic programs: "Hardware and Software Information Security" and "Protection of Computer Information Processes".

He has been an organizer and playing coach of SSTU student teams partaking in CTF competitions since 2009. Teams' achievements: 1st (Magic Hat) and 3rd (0DEADBEEFh) places in the regional competition Volga CTF 2011, 2nd place in Volga CTF 2012, 11th place in the international competition iCTF 2011 (4th result among the Russian teams) together with the team Koibasta SSAU, 22nd place in RuCTFE 2012. Anton was the third in the contest Best Reverser at PHDays 2012.

Windows Kernel: Windows Kernel Boot Camp

Training plan

  • General training (adjusting your OS and debugging tools settings)
  • Weapon usage guide (developing WinDBG skills)
  • Terrain orientation (kernel information collecting)
  • Know your enemy (OS kernel protection mechanisms)
  • Combat tactics (exploitation peculiarities)
  • Exercises (an example of exploitation of a kernel component vulnerability)

Presented by Artem Shishkin, an information security specialist at Positive Technologies. Having started from system programming and obtaining the certificate MCTS: Windows Internals, he still focuses on Windows OS research, its internal mechanisms and vulnerabilities. Artem admires the kernel, pool corruptions, and synchronization. Doesn't like Intel SMEP, tries to avoid it.

Android Application Security

The hands-on lab will help the participants to master the main techniques of application security analysis and Google Android forensics. The hands-on lab will incorporate the demonstration of typical vulnerabilities, which the experts of Positive Technologies detect in the course of security analysis, including vulnerabilities in Chrome for Android fixed by Google recently and 0-day vulnerabilities.

Presented by Artem Chaikin, the lead specialist of the web applications security analysis team at Positive Technologies.

SAP Attack Methodology

SAP ABAP attack implementation

  • Detecting available SAP services (by IP range)
  • Connecting to Oracle without authentication
  • Brute force of service users’ passwords in Oracle
  • Detecting accounts (method from the CEH course)
  • Password hijacking via Wireshark
  • Brute force of passwords from USR02
  • Running OS level programs
  • RFC connections analysis (credentials storage)

Exploiting SAP NetWeaver 7.0 vulnerabilities

  • Detecting running Java services
  • Obtaining information by analyzing logs in a SAP Java applet (without authorization)
  • Obtaining and analyzing logs as an authorized user with minimum privileges (Java)
  • HTTP request forgery in SAP Java services
  • Obtaining OS access by exploiting vulnerabilities in services
  • Analyzing Java Secure Storage

Exploiting transport system vulnerabilities

  • Peculiarities of the landscape of SAP and transport subsystem
  • Creating administrative user via transport request forgery

Presented by Vyacheslav Mavlyanov, an information security expert at Positive Technologies.

P. S. For more information about the forthcoming hands-on labs, about reports and speakers, please visit the PHDays website.
P. P. S. Tickets are available here.

