![Black Hat Briefings, Europe 2007 [Audio] Presentations from the security conference. artwork](https://is2-ssl.mzstatic.com/image/thumb/Podcasts6/v4/cd/84/a6/cd84a61a-5a2c-3921-5862-404873333b71/mza_3708100355963059966.jpg/100x100bb.jpg)
Black Hat Briefings, Europe 2007 [Audio] Presentations from the security conference.
19 episodes - English - Latest episode: about 17 years ago -Past speeches and talks from the Black Hat Briefings computer security conferences.
Black Hat Briefings Europe was held March 27-30 at the Moevenpick Amsterdam Centre Hotel. Twdays, four different tracks. Roger Cumming, Head of Device Delivery and Knowledge at CPNI (Center for the Protection of National Infrastructure), spoke on "How can the Security Researcher Community Work Better for the Common Good."
A post convention wrap up can be found at http://www.blackhat.com/html/bh-europe-07/bh-eu-07-index.html
Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo.
Video, audiand supporting materials from past conferences will be posted here, starting with the newest and working our way back tthe oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp3 and mp4 h.264 192k videformat. If you want tget a better idea of the presentation materials gtohttp://www.blackhat.com/html/bh-media-archives/bh-archives-2007.html#eu_07 and download them. Put up the pdfs in one window while watching the talks in the other. Almost as good as being there!
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Jeff Moss and Roger Cumming: Welcome and Keynote.
May 04, 2007 20:37 - 57 minutes - 13.2 KBJeff Moss introduces the Keynote and welcomes everyone tthe Amsterdam 2007 conference! Roger will provide an overview of the work of CPNI in reducing vulnerability in information systems that form part of the UK. He will then challenge the community on a number of issues, including the development of the malicious market place, and the role security researchers in addressing vulnerabilities as used by a range of threat actors. Until 31 January 2007 Roger Cumming was Director of the Nation...
Alexander Sotirov: Heap Feng Shui in JavaScript
January 09, 2006 23:10 - 1 hour - 16.9 KB"Heap exploitation is getting harder. The heap protection features in the latest versions of Windows have been effective at stopping the basic exploitation techniques. In most cases bypassing the protection requires a great degree of control over the allocation patterns of the vulnerable application. This presentation introduces a new technique for precise manipulation of the browser heap layout using specific sequences of JavaScript allocations. This allows an attacker tset up the heap in ...
AugustPaes de Barros: New Botnets Trends and Threats
January 09, 2006 23:10 - 50 minutes - 8.74 KB"The last years have seen the growth of botnets and its transformation inta highly profitable business. Most of the botnets seen until now have used the same basic concepts. This presentation intends tshow what are the major challenges faced by botnet authors and what they might try in the future tsolve them. The presentation will pass through some interesting solutions for botnet design challenges. A layered and extensible approach for Bots will be presented, showing that solutions from ex...
Cesar Cerrudo: Data Theft - Hacking databases for owning your data
January 09, 2006 23:10 - 1 hour - 19.9 KB"Data theft is becoming a major threat, criminals have identified where the money is, In the lafrom fortune 500 companies were compromised causing lots of money losses. This talk will discuss the Data Theft problem st years many databases focusing on database attacks, we will show actual information about how serious the data theft problem is, we will explain why you should care about database security and common attacks will be described, the main part of the talk will be the demostration of...
DamianBolzoni and Emmanuele Zambon: NIDS: False Positive Reduction Through Anomaly Detection
January 09, 2006 23:10 - 49 minutes - 11.3 KB"The Achilles' heel of network IDSes lies in the large number of false positives (i.e., false attacks) that occur: practitioners as well as researchers observe that it is common for a NIDS traise thousands of mostly false alerts per day. False positives are a universal problem as they affect both signature-based and anomaly-based IDSs. Finally, attackers can overload IT personnel by forging ad-hoc packets tproduce false alerts, thereby lowering the defences of the IT infrastructure. Our th...
David Maynor and Robert Graham: Data Seepage: How tgive attackers a roadmap tyour network
January 09, 2006 23:10 - 1 hour - 13.9 KB"Long gone are the days of widespread internet attacks. What's more popular now are more directed or targeted attacks using a variety of different methods. Since most of these attacks will be a single shot styled attack attackers will often look for anyway tincrease the likelihood of success. This is where data seepage comes in. Unbeknownst ta lot of mobile professional's laptops, pdas, even cell phones can be literally bleeding information about a company's internal network. This can be d...
ERESI Team: Next generation debuggers for reverse engineering
January 09, 2006 23:10 - 1 hour - 13.8 KB"Classical debuggers make use of an interface provided by the operating system in order taccess the memory of programs while they execute. As this model is dominating in the industry and the community, we show that our novel embedded architecture is more adapted when debuggee systems are hostile and protected at the operating system level. This alternative modelization is alsmore performant as the debugger executes from inside the debuggee program and can read the memory of the host proces...
Joel Eriksson: Kernel Wars
January 09, 2006 23:10 - 53 minutes - 12.3 KB"Kernel vulnerabilities are often deemed unexploitable or at least unlikely tbe exploited reliably. Although it's true that kernel-mode exploitation often presents some new challenges for exploit developers, it still all boils down t""creative debugging"" and knowledge about the target in question. This talk intends tdemystify kernel-mode exploitation by demonstrating the analysis and reliable exploitation of three different kernel vulnerabilities without public exploits. From a defenders p...
Jonathan Wilkins: ScarabMon - Automating Web Application Penetration Tests
January 09, 2006 23:10 - 47 minutes - 10.8 KB"ScarabMon is a new tool and framework for simplifying web application pentests. It makes the process of finding many common webapp flaws much easier. The user simply navigates the target site while using the WebScarab proxy and ScarabMon constantly updates the user with information on discovered flaws. ScarabMon is written in Python and all code and modules will be released at the conference. ScarabMon is alseasily extensible, with useful checks often only requiring 5-10...
Kostya Kortchinsky: Making Windows Exploits more reliable
January 09, 2006 23:10 - 1 hour - 17.8 KB"When dealing with Windows exploits, an issue that often emerge is their cross-platform reliability, meaning they often work against either some given service packs of the OS, or some localization of the OS. It is quite rare tfind exploits that will work on a very wide range of Windows installs. While multiplying the number of targets in an exploit is often the solution found in the wild, it seems that nobody has yet disclosed a solution tfingerprint a Windows language, or discuss about cro...
Laurent Butti: Wi-Fi Advanced Fuzzing
January 09, 2006 23:10 - 55 minutes - 18.6 KB"Fuzzing is a software testing technique that consists in finding implementation bugs. Fuzzing Wi-Fi drivers is becoming more and more attractive as any exploitable security bug will enable the attacker trun arbitrary code with ring0 privileges (within victim's radicoverage). This presentation will describe all the processes involved in the design from scratch of a fully-featured Wi-Fi fuzzer. It will pinpoint all issues and constraints when fuzzing 802.11 stacks (scanning, bugs identificat...
Lluis Mora: SMTP Information gathering
January 09, 2006 23:10 - 55 minutes - 12.7 KB"The SMTP protocol, used in the transport and delivery of e-mail messages, includes control headers along with the body of messages which, as opposed tother protocols, are not stripped after the message is delivered, leaving a detailed record of e-mail transactions in the recipient mailbox. Detailed analysis of SMTP headers can be used tmap the networks traversed by messages, including information on the messaging software of clients and gateways. Furthermore, analysis of messages over time...
Ollie Whitehouse: GS and ASLR in Windows Vista
January 09, 2006 23:10 - 49 minutes - 11.3 KB"Introduction:The following presentation is twparts, the first covers aspects of Microsoft's GS implementation and usage. The second is a complementary section dealing with ASLR in Windows Vista, its implementation and some surprising results... Part I Synopsis: GS is a Visual Studicompiler option that was introduced in Visual Studi2002 tmitigate the local stack variable overflows that resulted in arbitrary code execution. The following paper details the methods Symantec used tassess which...
Philippe Langlois: SCTPscan - Finding entry points tSS7 Networks & Telecommunication Backbones
January 09, 2006 23:10 - 1 hour - 16 KB"SS7 has been a walled garden for a long time: only big telcwould be interconnected tthe network. Due tderegulation and a push toward all-IP architecture, SS7 is opening up, notably with SIGTRAN (SS7 over IP) and NGN (Next Gen Networks) initiatives. SCTP is the protocol used tcarry all telecom signalling information on IP according tthe SIGTRAN protocol suite. It's the foundation, as TCP is the foundation for the web and email. SCTP is alsused for high-performance clusters,...
StefanZanero: 360 Anomaly Based Unsupervised Intrusion Detection
January 09, 2006 23:10 - 1 hour - 17.7 KB"n this talk, after briefly reviewing why we should build a good anomaly-based intrusion detection system, we will briefly present twIDS prototypes developed at the Politecnicdi Milanfor network and host based intrusion detection through unsupervised algorithms. We will then use them as a case study for presenting the difficulties in integrating anomaly based IDS systems (as if integrating usual misuse based IDS system was not complex enough...). We will then present our ideas, based on ...
Sun Bing: Software Virtualization Based Rootkits
January 09, 2006 23:10 - 1 hour - 16.1 KB"This paper will show a extremely simple technique tquickly audit a software product in order tinfer how trustable and secure it is. I will show you step by step how tidentify half dozen of local 0day vulnerabilities in few minutes just making a couple of clicks on very easy tuse free tools, then for the technical guys enjoyment the vulnerabilities will be easily pointed out on disassembled code and detailed, finally a 0day exploit for one of the vulnerabilities will be demonstrated and expla...
Toshinari Kureha: Make My Day - Just Run a Web Scanner: Countering The Faults of Typical Web Scanners Through Byte-code Injection
January 09, 2006 23:10 - 36 minutes - 8.32 KB"Today, other than doing a full static analysis of the code, the most common practice tfind vulnerabilities in your web application is tget off-the-shelf automated web scanner, point ta URL, and hope that it's doing the right thing. But is it? How dyou know that the scanner exercised all the vital areas of your application? How accurate and complete are the results? Is relying on HTTP response the best way tfind all vulnerabilities in an application? What if there was a way tlook at what's ...
Adam Laurie: RFIDIOts!!! - Practical RFID hacking (without soldering irons)
January 09, 2006 23:10 - 53 minutes - 12.3 KBRFID is being embedded in everything... From Passports tPants. Door Keys tCredit Cards. Mobile Phones tTrash Cans. Pets tPeople even! For some reason these devices have become the solution tevery new problem, and we can't seem tget enough of them.... "Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, Dos ...
Vipin Kumar and Nitin Kumar: Vboot Kit: Compromising Windows Vista Security
January 09, 2006 23:10 - 1 hour - 15.4 KB"Vboot kit is first of its kind technology tdemonstrate Windows vista kernel subversion using custom boot sector. Vboot Kit shows how custom boot sector code can be used tcircumvent the whole protection and security mechanisms of Windows Vista. The booting process of windows Vista is substantially different from the earlier versions of Windows.The talk will give you details and know abouts for the Vista booting process.Then, we will be explaining the vboot kit functionality and how it works....