HackCon#7 - 2012


Here you will find the programme for HackCon#7 and preHackCon#7.

Monday and Tuesday (26. - 27. | 3 | 2012)

 09.00 - 17.00 PreHackCon#7


 1) Course I - Exploit Lab
 2) Course II - Mobile Lab
 3) Course III - Microsoft days


17.00 - 18.30 Registration for HackCon#7

Wednesday 28 | 3 | 2012

08.15 Doors open

08.15 - 09.00 Registration for HackCon#7

09.00 - 09.15 Administrative information
Walkthrough of the agenda for HackCon#7 and practical information.

09.15 - 10.00 From Printer to Pwnd "Leveraging multifunction printers during penetration testing" - USA

In this presentation, with demos, we go beyond the common printer issues and focus on harvesting data from multifunction printers (MFPs) that can be leveraged to gain access to other core network systems.


By taking advantage of poor printer security and vulnerabilities during penetration testing, we are able to harvest a wealth of information from MFP devices including usernames, email addresses, and authentication information including SMB, email and LDAP passwords. Leveraging this information, we have successfully gained administrative access into core systems including email servers, file servers and Active Directory domains on multiple occasions.


We will also explore MFP device vulnerabilities including authentication bypass, information leakage flaws and attacking the firmware upgrade patching process to gain root-level access to certain MFP devices. Tying this all together, we will discuss the development of an automated process for harvesting the information from MFP devices with an updated release of our tool PRAEDA. After this session you will be better equipped to secure your system and network.


The presentation will be held by Deral Heiland, CISSP. Deral serves as a Senior Security Engineer where he is responsible for security assessments and consulting for corporations and government agencies. In addition, Deral is the founder of the Ohio Information Security Forum, a not-for-profit organization that focuses on information security training and education. Deral is also a member of the foofus.net security team, and has presented at numerous international conferences. Deral has over 18 years of experience in the Information Technology field.

10.15 - 11.00 I'm Still Port Scanning Without Sending Packets - USA/Thailand

With auto-configuration protocols now being added to operating systems and implemented by default in your network devices, hosts are now actively advertising their available attack surfaces to anyone listening on the network.


By collecting background traffic on the network, and analyzing it, we can perform a host discovery, a port scan, and a host profile which even includes configuration information; all without sending any packets. This means that threats both inside and outside your network can assess and target your network hosts silently without leaving a trail.


In this session, we'll review the work that I originally presented at DefCon 19, expand on it by adding additional protocols, examine typical network traffic to see what is made available to us, use my updated tools to utilize this information in an actual attack against a vulnerable network host, and finally finish our time discussing what you, as a network defender, can do about it. Don't miss it!


The presentation will be held by Gregory Pickett, CISSP, GCIA, GPEN, also known as rogu3ag3nt. Gregory is an Intrusion Analyst for Fortune 100 companies by day and a penetration tester by night. As a penetration tester, his primary areas of focus and occasional research are network and host penetration testing with an interest in using background network traffic to target and exploit network hosts using their own traffic against them. He holds a B.S. in Psychology which is completely unrelated but interesting to know. While it does nothing to contribute to how he makes a living, it does demonstrate how screwed up he actually is.

11.15 - 12.00 Dissecting the State of Present Day Malware - US

Malware is becoming increasingly aggressive with the advent of new exploitation techniques. Third Generation Botnets (TGBs) such as SpyEye and Zeus exhibit rapid advancements in the malware design and implementation techniques used to spread infections. In addition to this, bot wars in which one bot kills another to gain authority are happening at a rapid pace.


Things have changed in the malware world. This talk sheds light, in extensive detail, on the robust exploitation techniques used by malware, such as PDEF+, Ruskill, and Formgrabbing. TGBs use a well-defined Bot Development Kit (BDK) for writing malicious plugins. In relation to this, data exfiltration strategies will be discussed in detail, and the design and execution of the plugin architecture will be presented. Primarily, the nature of malware is better revealed by visualization. This talk has a good set of live demonstrations showing the exploitation tactics of present-day malware. After this session you will be better equipped to secure your system and network.


The presentation will be held by Aditya K Sood. Aditya is a senior security researcher and PhD candidate at Michigan State University. He has already worked in the security domain for years, and is also a founder of SecNiche Security Labs. He has been an active speaker at industry conferences and has written content for HITB Ezine, Hakin9, ISSA, ISACA, CrossTalk, Usenix Login, and Elsevier Journals such as NESE and CFS. He is also a co-author for debugged magazine.

12.00 - 13.00 Lunch

13.00 - 13.45 There's An App For That: Pentesting Mobile Applications - US

Smartphone (from Wikipedia): A smartphone is a mobile phone that offers more advanced computing ability and connectivity than a contemporary feature phone. Smartphones and feature phones may be thought of as handheld computers integrated with a mobile telephone, but while most feature phones are able to run applications based on platforms such as Java ME, a smartphone usually allows the user to install and run more advanced applications.


Smartphones run complete operating system software providing a platform for application developers. Thus, they combine the functions of a camera phone and a Personal digital assistant (PDA).


That said, let's own one - shall we.....


In the session we will cover:


 * Building the Android/iPod/iPhone/iPad environment
 * Using Android/iPod/iPhone/iPad as a Pentest Platform
 * Reverse Engineering Android/iPod/iPhone/iPad Apps
 * Exploiting Android/iPod/iPhone/iPad Apps
 * Attacking Web Services via Android/iPod/iPhone/iPad Apps


After this session you will be better equipped to secure your mobile systems.


The presentation will be held by Joseph McCray. Joe has 10 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Joe is a frequent presenter at security conferences, and has taught the CISSP, CEH, CHFI, and Web Application Security at Johns Hopkins University (JHU), University of Maryland Baltimore College (UMBC), and several other technical training centers across the country (US).


The words above don't do this presentation justice. It is in fact very hard to describe - we highly recommend that you attend this presentation, as it is to the point and explains security in the manner of rhythm and blues (you will understand this expression when you attend the session).

14.00 - 14.45 Hacking a Mature Security Program - US

Most organizations are acclimated to the standard penetration tests we see in the industry. Those companies that have proactively been increasing their overall security posture through years of program maturity and hard work need something different. This talk will cover tailoring a penetration test based on the security level of the target and ripping through their security environment with some crazy sophistication.


We'll be going into depth on the future of penetration testing through the Penetration Testing Execution Standard (PTES) and what it takes in order to elevate your security posture in today's crazy world. This is a technical talk, not for the faint of heart, with some direction on where we need to head in the security industry. After this session you will be better equipped to test your system and network.


The presentation will be held by Dave Kennedy (ReL1K). Dave is responsible for ensuring the overall physical and logical security of a Fortune 1000, publicly traded company. Dave also runs the security consulting practice at Diebold, which is focused on enhancing and building security for large and mid-sized organizations. Dave is the creator of the Social-Engineer Toolkit (SET), an open-source penetration testing tool for social engineering.


Dave is the co-founder of DerbyCon, a large-scale security conference located in Louisville, Kentucky. Dave is the co-author of the book Metasploit: The Penetration Tester's Guide, which has been number one in security on Amazon for over 6 months. Prior to Diebold, Dave worked for the United States Marine Corps (USMC) and the intelligence field working on information warfare activities.

15.00 - 15.45 Inside the hacker communities - Norway

2011 is seen by many as "the year of the hacker". Hacktivists - hackers who use the online world as the arena for their activism - have turned multinational corporations, NATO, the CIA, the FBI and other countries' authorities upside down. The hackers, many of them teenage boys, also played a significant role during the Arab Spring. In Norway, the hacker group Noria also hacked the Twitter and e-mail accounts of Anders Behring Breivik after the terrorist attacks of 22 July.


Freelance journalist, author and now TV2 reporter Kjetil Stormark has followed the Norwegian and international hacker community closely since April 2011. In this talk he will give us an insight into the various national and international hacker communities.

16.00 - 17.00 Cars, busses, and airplanes - US

Are you safe when you travel? Building on the concept of taking security out of the desktop and server closets from 2010 when we attacked cars and busses... and then earlier this year when we picked on tractors... we are going to see if we can get ourselves into some hot water by picking on airplanes and missiles. This talk will examine the role of the computer systems in modern cars, busses, and planes and the challenges surrounding the implementation of security in the core systems.


We are going to focus on the commercial world of passenger transportation, but will touch upon the military crossovers where fully understood. We will discuss the data acquisition and modeling architectures as well as the BUS and core logic systems that are implemented within several systems.


This session has even more surprises, but we will not disclose them this time - you have to be at HackCon to learn how to protect yourself and your business. All we can say is that you should not miss this session - you need it for your safe travel.

17.15 – 18.15 Hide and Seek, Zoz – US

18.15 - 23.00 Social evening

23.00 Doors close


Wednesday 28 | 3 | 2012

08.15 Doors open

09.00 – 09.45 Challenges with social media – Norway

10.00 – 10.45 Top 10 security risk – India

11.00 – 11.45 Advanced Data Exfiltration – Israel

11.45 – 12.45 Lunch and prize draw

12.45 – 13.30 Web application analysis with OWASP Hatkit – Sweden

13.45 – 14.30 Behavioral Clustering – Norway

14.30 HackCon#7 ends


- - - - 0 0 0  - - - -


1) Course I - Exploit Lab
The Exploit Laboratory is an intense hands-on class, where we shall be covering a wide variety of concepts on analyzing vulnerabilities and developing your own exploits.


2) Course II - Mobile Lab
This is a 2-day workshop focused on hands-on mobile application security testing. The first day of the course starts you off with setting up your environment (emulator/SDK/hardware/etc.). From there the course goes into the basics of reverse engineering mobile applications, exploiting mobile applications on each respective platform, and finally on to attacking web applications and web services on each platform.


3) Course III - Microsoft days

Identity and access control

Good rules for who in an organization should have access to different types of information are absolutely necessary to have in place. Consider classifying information and data into different groups with different rules (finance, HR, sales, etc.). When users can access the company's data from a multitude of different devices, the IT solution must be able to validate that it is in fact an approved user who is reading or changing content (Forefront Identity Management, ADFS2 and federation with e.g. AltInn and MinSide, possibly other cloud services).


Presenter: Lars Svendsen – Technical Solution Professional – Identity & Access - Microsoft


Security level of the service
As part of the risk and vulnerability analysis, the security level of the various social networks should also be assessed, and routines should be drawn up for which information is to be shared or stored on these services (Windows Server 2008 hardening, Hyper-V, private cloud - what it is and how to secure such solutions, the SDL process for in-house solutions).

Presenter: Paula Januszkiewicz, CQURE CEO, MCT, MVP Enterprise Security

Security level of the client
When the company is to manage several different devices, it should be a requirement that these have a certain degree of protection against malicious software and preferably also encryption, even if private devices are being used. In most cases of data loss or data breach, this happens via an employee's computer or smartphone. It should also be considered to have a system that can manage several different devices and check their status before permission is given to connect to the company's services (Windows 7 hardening, AppLocker, BitLocker, DirectAccess, System Management, System Center 2012 preview, how to have policy on different devices from e.g. Apple and Google).


Presenter: Paula Januszkiewicz, CQURE CEO, MCT, MVP Enterprise Security

Protection of information
There can be different levels of access control and different degrees of encryption, both for local storage and for documents that are to be sent by, for example, e-mail. Rules and systems should also be set up for monitoring confidential information so that misuse and loss of data are avoided (Information Management, how to use IRM/RMS, possibly DLP technology to protect information in transit and "at rest").


Presenter: Havard Pettersen. Principal Consultant, Microsoft Consulting Services.


Over two full days, the issues described above will be covered in depth.
This is a unique opportunity to gain in-depth insight into these issues.