62. MÜNCHNER OWASP-STAMMTISCH: HIGHLIGHTS FROM APPSECEU AND HACK IN THE BOX
Feb 05, 2021
dariahiddleston
Transcript
  • 62. MÜNCHNER OWASP-STAMMTISCH

    HIGHLIGHTS FROM APPSECEU AND HACK IN THE BOX

  • 21-07-2015 62. Münchner OWASP-Stammtisch 2

    APPSECEU 2015

  • OVERVIEW

    •  Agenda
       •  Trainings: 2015-05-19 – 2015-05-20
       •  Tracks: 2015-05-21 – 2015-05-22; DEV, OPS, HACK, CISO, HACKPRA
       •  Social event: Dinner@Nemo
       •  Rates: 75/350/400; 75/500/550


  • MY SCHEDULE

    •  50 Shades of AppSec •  Troy Hunt

    •  Hard knock lessons on bug bounties •  Jonathan Cran

    •  Rise of the Machines •  Yossif Daya

    •  Server-side browsing considered harmful •  Nicolas Grégoire


  • MY SCHEDULE

    •  Dark Fairytales from a Phisherman •  Michele Orrù

    •  Security and Insecurity of HTTP Headers •  Dirk Wetter

    •  PDF – Mess with the Web •  Alex Inführ


  • 50 SHADES OF APPSEC

    •  “Everybody can become a hacker” •  LOIC

    •  Security fails •  Educating developers •  Stack Overflow •  Insecure code samples


    Troy Hunt

  • HARD KNOCK LESSONS ON BUG BOUNTIES

    •  Bugcrowd experience •  Can I start a bug bounty program? •  What is the scope? •  How do you handle reports? •  Rewards?


    Jonathan Cran

  • RISE OF THE MACHINES

    •  Akamai's experience with crawlers/scrapers •  Detection •  Signatures •  Profiling

    •  Mitigation/Management •  Block •  Throttle •  Allow


    Yossif Daya

  • SERVER-SIDE BROWSING CONSIDERED HARMFUL

    •  Server-side attacks •  Bug Bounty examples


    Nicolas Grégoire
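The bug class behind "server-side browsing" is a server that fetches whatever URL a client hands it. As an added example (not from Nicolas Grégoire's slides), here is the naive fetch target next to a hardened validator for an outbound fetcher: scheme and port allow-list, no credentials in the URL, and every address the host resolves to must be public, with IPv4-mapped IPv6 unwrapped first. The DNS table, hostnames, port policy and helper names are constructed for this example; the resolver is injectable so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Policy is an assumption for this example: only plain web fetches.
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


class SSRFError(ValueError):
    """Raised when a client-supplied URL must not be fetched server-side."""


def naive_fetch_target(url):
    """The vulnerable shape: the client's URL is used as-is, so file://,
    gopher://, http://127.0.0.1:2375/ or the cloud metadata address all
    reach the fetcher. This is the bug class the talk is about."""
    return url


def default_resolver(host):
    """Resolve to every address the host maps to (A and AAAA)."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


def is_forbidden(ip):
    """Anything that is not a public unicast address is off limits: RFC 1918,
    loopback, link-local (incl. 169.254.169.254), multicast, reserved and
    unspecified. IPv4-mapped IPv6 is unwrapped so [::ffff:127.0.0.1] cannot
    slip past the IPv4 rules."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (not ip.is_global or ip.is_private or ip.is_loopback
            or ip.is_link_local or ip.is_multicast or ip.is_reserved
            or ip.is_unspecified)


def validate_outbound_url(url, resolver=default_resolver):
    """Hardened variant. Returns (host, port, [ip, ...]) for a URL that may be
    fetched, or raises SSRFError. Every resolved address must be public, so a
    name with one public and one internal record is rejected."""
    parts = urlparse(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise SSRFError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise SSRFError("credentials in URL not allowed")
    host = parts.hostname
    if not host:
        raise SSRFError("missing host")
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError as exc:
        raise SSRFError(f"bad port: {exc}") from None
    if port not in ALLOWED_PORTS:
        raise SSRFError(f"port not allowed: {port}")
    try:
        addrs = [ipaddress.ip_address(host)]            # literal address
    except ValueError:
        resolved = resolver(host)
        if not resolved:
            raise SSRFError(f"unresolvable host: {host}") from None
        addrs = [ipaddress.ip_address(a) for a in resolved]
    for ip in addrs:
        if is_forbidden(ip):
            raise SSRFError(f"{host} resolves to non-public address {ip}")
    return host, port, [str(ip) for ip in addrs]


def triage(urls, resolver=default_resolver):
    """Classify a batch of candidate URLs, e.g. when reviewing a fetch log."""
    result = {}
    for url in urls:
        try:
            validate_outbound_url(url, resolver)
            result[url] = "allowed"
        except SSRFError as exc:
            result[url] = f"blocked: {exc}"
    return result


# Constructed DNS table so the example runs offline (assumed data).
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "internal.corp": ["10.0.0.5"],
    "mixed.test": ["93.184.216.34", "169.254.169.254"],
}


def fake_resolver(host):
    return FAKE_DNS.get(host, [])


SAMPLE_URLS = [
    "https://example.com/api",
    "http://internal.corp/admin",
    "http://mixed.test/",
    "http://169.254.169.254/latest/meta-data/",
    "http://[::ffff:127.0.0.1]/",
    "file:///etc/passwd",
    "http://user:pw@example.com/",
    "http://example.com:8080/",
]

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE_URLS, fake_resolver).items():
        print(f"{verdict:60s} {url}")
```

Validation alone does not close the hole: the fetcher must connect to the address it validated (not resolve the name a second time, which is the DNS-rebinding window), and it must not follow redirects automatically, since a redirect to an internal address needs the same check again.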

  • DARK FAIRYTALES FROM A PHISHERMAN

    •  Presentation of PhishLulz •  PhishingFrenzy •  BeEF

    •  Phishing Fairytales


    Michele Orrù

  • SECURITY AND INSECURITY OF HTTP HEADERS

    •  Information Disclosure •  HSTS •  Public-Key-Pins •  X-Content-Type-Options •  X-Frame-Options •  X-XSS-Protection •  Content-Security-Policy


    Dirk Wetter
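As an added example (not from Dirk Wetter's slides), the following audits a captured set of response headers against the list above: version disclosure, HSTS lifetime and subdomain coverage, X-Content-Type-Options, clickjacking protection via X-Frame-Options or CSP frame-ancestors, and the script sources of the Content-Security-Policy. Two points have moved on since 2015 and the checker reflects them: Public-Key-Pins has been removed from the major browsers, so a pin set is flagged as stale rather than required, and the XSS auditor that X-XSS-Protection controlled has been removed as well, so the safe value is 0 or absence. The one-year HSTS minimum, the severity labels and both header sets are assumptions of this example.

```python
# Added example: audit a response header dict against a baseline policy.
# Severity labels and the one-year HSTS minimum are assumptions.
HSTS_MIN_AGE = 31536000  # one year in seconds


def parse_directives(value):
    """'max-age=300; includeSubDomains' -> {'max-age': '300', 'includesubdomains': ''}"""
    out = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name:
            out[name.strip().lower()] = val.strip().strip('"')
    return out


def parse_csp(value):
    """\"default-src 'self'; script-src a b\" -> {'default-src': [\"'self'\"], 'script-src': ['a', 'b']}"""
    policy = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def audit_headers(headers):
    """Return a list of (severity, finding) for a dict of response headers."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []

    # Information disclosure: version strings let an attacker pick exploits.
    for name in ("server", "x-powered-by", "x-aspnet-version"):
        if name in h:
            findings.append(("info", f"{name} discloses {h[name]!r}"))

    # HSTS: present, long-lived, covering subdomains.
    if "strict-transport-security" not in h:
        findings.append(("high", "missing Strict-Transport-Security"))
    else:
        d = parse_directives(h["strict-transport-security"])
        age = int(d["max-age"]) if d.get("max-age", "").isdigit() else 0
        if age < HSTS_MIN_AGE:
            findings.append(("medium", f"HSTS max-age {age} is below {HSTS_MIN_AGE}"))
        if "includesubdomains" not in d:
            findings.append(("low", "HSTS lacks includeSubDomains"))

    # HPKP is no longer honoured by browsers; a stale pin set is only a footgun.
    if "public-key-pins" in h:
        findings.append(("info", "Public-Key-Pins is deprecated and ignored by current browsers"))

    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append(("medium", "missing X-Content-Type-Options: nosniff"))

    # Clickjacking: either mechanism works; frame-ancestors wins when both exist.
    csp = parse_csp(h.get("content-security-policy", ""))
    xfo = h.get("x-frame-options", "").strip().upper()
    if "frame-ancestors" not in csp and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(("medium", "no clickjacking protection (X-Frame-Options or CSP frame-ancestors)"))

    # The filter this header enabled has been removed from browsers and was
    # itself usable for cross-site leaks; '0' or absence is the safe state.
    xxp = h.get("x-xss-protection", "").strip()
    if xxp and not xxp.startswith("0"):
        findings.append(("info", "X-XSS-Protection enables an obsolete filter; send 0 or omit"))

    # CSP: the script sources are what contain XSS.
    if not csp:
        findings.append(("high", "missing Content-Security-Policy"))
    else:
        script = csp.get("script-src", csp.get("default-src", []))
        nonce_or_hash = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in script)
        # With a nonce or hash present, CSP2+ browsers ignore 'unsafe-inline'.
        if "'unsafe-inline'" in script and not nonce_or_hash:
            findings.append(("high", "script-src allows 'unsafe-inline' without nonce/hash"))
        if "*" in script or "http:" in script or "https:" in script:
            findings.append(("high", "script-src allows scripts from any origin"))
        if "object-src" not in csp and "default-src" not in csp:
            findings.append(("medium", "CSP does not restrict object-src (plugin content)"))
    return findings


# Constructed header sets (not captured from any real host).
WEAK = {
    "Server": "Apache/2.4.7 (Ubuntu)",
    "X-Powered-By": "PHP/5.5.9",
    "Strict-Transport-Security": "max-age=300",
    "Public-Key-Pins": 'pin-sha256="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; max-age=5184000',
    "X-XSS-Protection": "1; mode=block",
    "Content-Security-Policy": "default-src *; script-src * 'unsafe-inline'",
}
HARDENED = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
    "X-XSS-Protection": "0",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'nonce-d41d8cd9'; "
                               "object-src 'none'; frame-ancestors 'none'",
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(f"== {label}")
        for sev, text in audit_headers(hdrs):
            print(f"  [{sev}] {text}")
```

In practice the dict comes straight from the HTTP client (for example `response.headers` after a request); the checker only looks at what the server sent, so it will not notice a policy that is correct on one route and missing on another.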

  • PDF – MESS WITH THE WEB

    •  PDF Specs •  Protection •  Attack Vectors •  No bug = no fix


    Alex Inführ

  • PRESERVING ARCADE GAMES

    •  Preservation of old games •  1980s copy protection •  Hardware protection


    Ange Albertini

  • HACK IN THE BOX 2015

  • OVERVIEW

    •  Agenda
       •  Trainings: 2015-05-26 – 2015-05-27
       •  Tracks: 2015-05-28 – 2015-05-29; Track1, Track2, Labs
       •  Rates: 299/999; 299/1499


  • MY SCHEDULE

    •  Illusory TLS: Impersonate, Tamper, and Exploit •  Alfonso de Gregorio

    •  How Many Million BIOSes Would You Like to Infect? •  Corey Kallenberg, Xeno Kovah

    •  Exploiting Browsers the Logical Way •  Bas Venis


  • MY SCHEDULE

    •  Stegosploit: Hacking with Pictures •  Saumil Shah

    •  Powershell for Penetration Testers •  Nikhil Mittal

    •  Mozilla InvestiGator •  Julien Vehent


  • ILLUSORY TLS: IMPERSONATE, TAMPER, AND EXPLOIT

    •  Underhanded Crypto Contest entry •  Young and Yung elliptic-curve asymmetric backdoor in RSA key generation •  Attacker-controlled PRNG seed

    •  “The upper order bits of the RSA modulus encode the asymmetric encryption of a seed generated at random”


    Alfonso de Gregorio
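The quoted sentence describes a Young–Yung SETUP (secretly embedded trapdoor): the generator derives one prime from a seed, encrypts that seed to the attacker's public key, and then searches for the second prime so that the ciphertext ends up in the top bits of the public modulus. The following toy, added here and not de Gregorio's contest entry, carries that construction through end to end. It substitutes textbook RSA with a short key for the elliptic-curve encryption of the original, and all bit sizes (512-bit victim primes, a 256-bit ciphertext field, a 128-bit seed) are assumptions chosen so the demo runs in about a second; it is a demonstration of the mechanism, not a usable key generator.

```python
import random

# Added toy (not the talk's code): Young-Yung style SETUP in RSA keygen.
# Textbook RSA stands in for the original's elliptic-curve encryption; the
# sizes below are assumptions for a fast demo, not secure parameters.
SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]
P_BITS, N_BITS, C_BITS, SEED_BITS = 512, 1024, 256, 128


def is_probable_prime(n):
    """Miller-Rabin with fixed bases, so the verdict (and therefore the prime
    regenerated from a given seed) is deterministic."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def prime_from_rng(rng, bits):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def prime_from_seed(seed, bits):
    """The 'attacker controlled PRNG seed' of the talk: same seed, same prime."""
    return prime_from_rng(random.Random(seed), bits)


def attacker_keygen(rng, bits=256):
    """The attacker's own keypair; only its holder can read the leak."""
    while True:
        p, q = prime_from_rng(rng, bits // 2), prime_from_rng(rng, bits // 2)
        phi, e = (p - 1) * (q - 1), 65537
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def backdoored_keygen(att_pub, rng):
    """Victim-side generator whose public modulus carries the encrypted seed
    in its upper C_BITS bits, as in the quoted sentence."""
    n_att, e_att = att_pub
    seed = rng.getrandbits(SEED_BITS) | 1
    p = prime_from_seed(seed, P_BITS)
    c = pow(seed, e_att, n_att)                    # asymmetric encryption of the seed
    target = (c << (N_BITS - C_BITS)) | rng.getrandbits(N_BITS - C_BITS)
    q = target // p | 1                            # nearest odd candidate
    while not is_probable_prime(q):                # each step moves N by 2p, which
        q += 2                                     # stays far below the top C_BITS
    return p * q, p, q


def attacker_recover(n, att_priv):
    """Read the ciphertext out of the public modulus and re-derive p."""
    n_att, d_att = att_priv
    c_guess = n >> (N_BITS - C_BITS)
    for c in (c_guess, c_guess - 1, c_guess + 1):  # borrow/carry from the q search
        if 0 < c < n_att:
            p = prime_from_seed(pow(c, d_att, n_att), P_BITS)
            if n % p == 0:
                return p
    return None


def demo(seed=2015):
    rng = random.Random(seed)                      # fixed seed: reproducible demo
    att_pub, att_priv = attacker_keygen(rng)
    n, p, q = backdoored_keygen(att_pub, rng)
    return n, p, q, attacker_recover(n, att_priv)


if __name__ == "__main__":
    n, p, q, recovered = demo()
    print("modulus bits:", n.bit_length())
    print("attacker factored the victim key:", recovered in (p, q))
```

The point the talk makes survives the simplification: the victim's public key is a product of two primes of the expected size and nothing in the key itself reveals the trapdoor to anyone without the attacker's private key, which is why a key generator you cannot inspect (firmware, a closed library, a hosted CA) is a trust decision rather than a technical one.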

  • HOW MANY MILLION BIOSES WOULD YOU LIKE TO INFECT?

    •  BIOS rootkit LightEater •  Infects the system firmware •  System Management Mode


    Corey Kallenberg, Xeno Kovah

  • EXPLOITING BROWSERS THE LOGICAL WAY

    •  Samples of logic bugs (Adobe Flash Player) •  CVE-2014-0508 •  Read a local file and send it out

    •  CVE-2014-0535 •  Now with access to remote files

    •  CVE-2014-0554 •  Recycled CVE-2014-0508


    Bas Venis

  • STEGOSPLOIT: HACKING WITH PICTURES

    •  Deliver browser exploits using pictures •  Stylish •  Undetected

    •  CANVAS+JS •  Polyglot (image/JS)

    •  Time-shifted delivery


    Saumil Shah
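The "polyglot (image/JS)" bullet is the part a defender can check for: a file that is a valid image to an image decoder and valid HTML or script to a browser. As an added example (not Saumil Shah's tooling), the following walks a PNG chunk by chunk to IEND and a JPEG segment by segment to EOI, reports any bytes after the end marker, and scans the whole file for script-like markers, which also catches markup hidden in a JPEG comment segment. The sample images are constructed inline; the marker list is an assumption of this example. The caveat matters: Stegosploit's actual payload sits in pixel values that a canvas decoder reads back, so a structurally clean image passes this check. It is a triage filter for container-level polyglots, not a substitute for serving user-uploaded images from a separate origin with the right Content-Type and nosniff.

```python
import struct
import zlib

# Added example (not from the talk): triage check for image/script polyglots.
# Walks the container to its end marker, reports trailing bytes, then scans
# for script-like markers anywhere in the file. Samples are constructed.
PNG_SIG = b"\x89PNG\r\n\x1a\n"
MARKERS = [b"<script", b"<html", b"<svg", b"javascript:", b"eval(", b"fromcharcode"]  # assumed list


def png_end_offset(data):
    """Walk PNG chunks (length, type, data, CRC); return offset after IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        if pos + 12 + length > len(data):
            raise ValueError(f"truncated {ctype!r} chunk at offset {pos}")
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + body) & 0xFFFFFFFF != crc:
            raise ValueError(f"bad CRC in {ctype!r} chunk at offset {pos}")
        pos += 12 + length
        if ctype == b"IEND":
            return pos
    raise ValueError("no IEND chunk")


def jpeg_end_offset(data):
    """Walk JPEG marker segments to SOS, then find EOI; return offset after it."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if 0xD0 <= marker <= 0xD8:             # RSTn / SOI carry no length field
            pos += 2
            continue
        (seglen,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if marker == 0xDA:                     # SOS: entropy-coded data until EOI
            end = data.find(b"\xff\xd9", pos + 2 + seglen)
            if end < 0:
                raise ValueError("no EOI marker")
            return end + 2
        pos += 2 + seglen
    raise ValueError("truncated JPEG")


def scan_image(data):
    """Return findings for a blob that claims to be a PNG or JPEG."""
    try:
        if data.startswith(PNG_SIG):
            kind, end = "PNG", png_end_offset(data)
        elif data[:2] == b"\xff\xd8":
            kind, end = "JPEG", jpeg_end_offset(data)
        else:
            return ["not a PNG or JPEG"]
    except ValueError as exc:
        return [f"malformed image: {exc}"]
    findings = []
    if len(data) > end:
        findings.append(f"{kind}: {len(data) - end} bytes after end-of-image marker")
    lowered = data.lower()
    findings += [f"{kind}: script-like marker {m!r}" for m in MARKERS if m in lowered]
    return findings


# Constructed samples (assumed data): a 1x1 PNG and a minimal JPEG skeleton.
def _png_chunk(ctype, body):
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body) & 0xFFFFFFFF)


CLEAN_PNG = (PNG_SIG
             + _png_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0))
             + _png_chunk(b"IDAT", zlib.compress(b"\x00\xff\x00\x00"))   # filter byte + one red pixel
             + _png_chunk(b"IEND", b""))
TRAILER_POLYGLOT_PNG = CLEAN_PNG + b"<script>console.log('trailer')</script>"

_HTML = b"<html><script>console.log('comment')</script></html>"
_SOS = b"\xff\xda" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00" + b"\x12\x34\x56" + b"\xff\xd9"
CLEAN_JPEG = b"\xff\xd8" + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00" + _SOS
# Same skeleton with the markup carried in a COM (0xFFFE) segment after APP0.
COMMENT_POLYGLOT_JPEG = CLEAN_JPEG[:20] + b"\xff\xfe" + struct.pack(">H", len(_HTML) + 2) + _HTML + CLEAN_JPEG[20:]

if __name__ == "__main__":
    for name, blob in (("clean png", CLEAN_PNG), ("trailer png", TRAILER_POLYGLOT_PNG),
                       ("clean jpeg", CLEAN_JPEG), ("comment jpeg", COMMENT_POLYGLOT_JPEG)):
        print(name, scan_image(blob) or ["ok"])
```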

  • POWERSHELL FOR PENETRATION TESTERS

    •  This workshop would help anyone who wants to know more about PowerShell from a security perspective

    •  https://github.com/samratashok/nishang


    Nikhil Mittal

  • MOZILLA INVESTIGATOR

    •  Forensics framework built by Mozilla's OpSec team •  “Query a pool of endpoints to verify the presence of specific indicators” •  “Provide strong authentication of investigators”

    •  http://mig.mozilla.org/


    Julien Vehent

  • HITB HAXPO

  • OVERVIEW

    •  Agenda
       •  Briefings: 2015-05-26 – 2015-05-27
       •  CTF: no charge


  • HIGHLIGHTS

    •  Minix 3 - A Reliable and Secure Operating System •  Andrew S. Tanenbaum

    •  The A-to-Z of CyberSecurity – as a Kid Understands It •  Reuben Paul
