Aditya K Sood
About Aditya K Sood
Founder, SecNiche Security (Website: http://www.secniche.org)
  • Independent security researcher with more than 5 years of experience. Loves to work on reverse engineering, Incore protocol analysis, web application insecurities and penetration testing.
  • Initiated Cutting Edge Research for Web Application Security, a project to analyze vulnerability vectors in web applications. The research is featured at FIRST as Global Security news. Website: http://cera.secniche.org.
  • Running my own research lab, Mlabs: Digital Intelligence. The lab holds my research work. Website: http://mlabs.secniche.org
  • Released a number of advisories related to Google, AOL, MSN, Verisign, Microsoft, JWIG, Orkut etc. for SQL injections, redirection vulnerabilities, application security flaws etc.
  • Discovered the Google Metacharacter Spamdexing Bug and the Yahoo Search Engine Phishing Vulnerability.
  • Holds a BE in computers and an MS in Cyber Law and Information from the Indian Institute of Information Technology (IIIT-A).
  • Author of a number of security-related articles published and released at the packetstormsecurity portal, Info Sec writers, Open RCE, Linux security, XSSED, MLabs, knowledge cave, Secniche etc.
  • Information security writer for Hakin9, Linux+, Information Security magazines etc.
  • Projects you can find at SecNiche
  • For Latest Happenings:
    His blog: http://zeroknock.blogspot.com
    Social networking project with Whitedust, http://www.hakspace.net
Presentation Title :
Exploiting 4J Jargon - JSON, BISON - JUMP - JNLP - JWIG Traversing Through Java Based Web Technologies
Presentation Abstracts:
The talk strictly adheres to the attack base that favors the exploitation of web-based Java technology. The core revolves around web exploitation. The point of the talk is to understand the hidden artifacts of these technologies that dismantle the functioning of the web. The deep aspects of serialization attacks and other security paradigms will be discussed. The exploitation realm of JSON-Bison will be stripped off with definite techniques. JNLP, JWIG and JUMP will be traversed through featured techniques. The work is an outcome of my analysis and in-depth research. These defined issues can be exploited in any sense. It requires a detailed talk. Web 2.0 has become the attack base for surmounting attacks. These technologies serve as the base. So a generic work is required to look into the malfunctional aspects of these technologies.
Presentation Requirement:
  • standards-based presentation using XHTML and CSS;
  • dynamic display and interaction using the Document Object Model;
  • data interchange and manipulation using XML and XSLT;
  • asynchronous data retrieval using XMLHttpRequest;
  • JavaScript binding everything together.

Damian Hasse
About Damian Hasse
Damian Hasse, Lead Security Software Engineer at Microsoft, leads a team of security researchers that investigate vulnerabilities and security threats as part of the Microsoft Security Response Center (MSRC). The team works on every MSRC case to help improve the guidance and protection we provide to customers through our security updates and bulletins by discovering additional attack vectors, new exploitation techniques and adapting quickly to stay ahead of the ever evolving security ecosystem. This team also provides forward looking security guidance to product teams within Microsoft, impacting products before and after release.
Presentation Title :
School of hard knocks things you can learn from working with MSRC
Presentation Abstract:
Several MSRC cases will be explained, revealing code flaws, describing attack vectors, understanding what the security engineering arm of MSRC, SWI React, did to validate the fixes and, more importantly, how Microsoft continues to refine the security engineering process to prevent these kinds of problems in future releases.

Linxer
About Linxer
Senior researcher at Unnoo-Data Security Workbase Lab, focusing on anti-virus and interested in the Linux kernel.
Presentation Title :
Unpacking Technology for AV Engine
Presentation Abstracts:
In recent years, more and more viruses and Trojans have wrapped themselves in several layers of packers so as to encrypt themselves and avoid being deleted. This has brought a lot of challenges to the anti-virus testing technique in common use now, the matching of feature codes. The thesis analyzes VM-based unpacking in terms of the emulation of the x86 CPU, the PE loader and Windows system features, based on the technique of unpacking.

Luis Miras
About Luis Miras
Luis Miras is the lead vulnerability researcher at Intrusion Inc. He has done work for leading consulting firms and recently has done work for Chumby. His interests include vulnerability research, binary analysis, and hardware/software reversing. In the past he has worked in digital design, and embedded programming.
Presentation Title :
Other Wireless: New ways to get Pwned
Presentation Abstracts:
There are many other wireless devices besides Wifi and Bluetooth. This talk examines the security of some of these devices, including wireless keyboards, mice, and presenters. Many of these devices are designed to be as cost effective as possible. These cost reductions directly impact their security. Examples of chip level sniffing will be shown as well as chip level injection attacks allowing an attacker to control the target system. The hardware used in these devices will be examined along with an attacker toolkit consisting of low cost hardware and software.

Luo xiapu (Daniel)
About Luo xiapu (Daniel)
Luo xiapu (Daniel) is a Ph.D. candidate at the Hong Kong Polytechnic University. His research interests include network security, network measurement, network management, and performance evaluation in both wired and wireless networks. His research outputs were published in major security conferences, such as NDSS, ESORICS, IEEE/IFIP DSN, IFIP SEC etc. He is a computer software system analyst.
Presentation Title :
Cloak and WebShare novel network covert channels
Presentation Abstracts:
This presentation focuses on two new network covert channels: Cloak and Webshare. Cloak is a new kind of timing channel that employs the combination of packets and flows to deliver stealthy information. Compared with other network timing channels, Cloak has many salient features, for example, high capacity, reliable transmission, ten variants with different camouflage capabilities, etc. Webshare is a new storage channel that relaxes the location constraints in traditional network covert channels. It uses the plentiful, public Web counters for storage. This presentation also includes a brief review of techniques for the design of network covert channels.

Nguyen Anh Quynh
About Nguyen Anh Quynh
Nguyen Anh Quynh is a postdoctoral researcher at the National Institute of Advanced Industrial Science and Technology (AIST), Japan. His research interests include computer security, networking, data forensics, virtualization, Trusted Computing and operating systems. His papers have been published in various academic conferences, such as ACM, IEEE, LNCS, Usenix among others. Quynh is a contributor to numerous open source projects (notably the Xen Virtual Machine and the Linux kernel). He loves to get involved with the industry, and he gave talks at hacking conferences such as EuSecWest, HackInTheBox, Hack.lu. Quynh obtained a PhD degree in computer science from Keio University, Japan. He is also a member of VNSECURITY, a pioneer information security research group in Vietnam.
Presentation Title :
Xenprobes, A Lightweight User-space Probing Framework for Xen Virtual Machine
Presentation Abstracts:
This presentation focuses on Xenprobes, a lightweight framework to probe the guest kernels of Xen Virtual Machine. Xenprobes is useful for various purposes such as monitoring the real-time status of production systems, analyzing performance bottlenecks, logging specific events or tracing problems of Xen-based guest kernels. Compared to other kernel probe solutions, Xenprobes introduces some unique advantages. To name a few: First, our framework puts the breakpoint handlers in user-space, so it is significantly easier to develop and debug. Second, Xenprobes allows probing multiple guests at the same time. Last but not least, Xenprobes supports all kinds of operating systems supported by Xen.

Rodrigo Rubira Branco
About Rodrigo Rubira Branco
Rodrigo Rubira Branco (BSDaemon) is a Software Engineer at IBM, member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC) Brazil, also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is the maintainer of the StMichael/StJude projects (www.sf.net/projects/stjude), the developer of SCMorphism (www.kernelhacking.com/rodrigo) and has given talks at the most important security-related events in Brazil (H2HC, SSI, CNASI). Rodrigo is also a member of Rise Research (www.risesecurity.org).
Domingo Montanaro
About Domingo Montanaro
  • Montanaro is an Information Security Specialist and Computer Forensics Expert who has been working on high technology crime investigation for private companies, including the financial market, and also for law enforcement agencies as a Forensics Connoisseur.
  • Expertise in Data Recovery, Incident Handling, Response and Tracking, Evidence Collection, Forensics (and Anti-Forensics) methodology and tools Research and Development, and Information Leakage issues.
  • Organizer of H2HC - Hackers 2 Hackers Conference (Latin America's most important hacking conference).
  • Invited professor at some universities, lecturing on Computer Forensics; author of several articles/papers and speaker at security-related conferences such as HackInTheBox Dubai 2007, VNSecon 2007, H2HC and SSI/ITA. Certifications: GCFA, MCSO

Presentation Title :
Kernel_Hacking & Anti-Forensics
Presentation Abstracts:
This presentation intends to cover specifically the most necessary and most undocumented area of computer security: attacks on the core of the system (kernel-level attacks, which can defeat the existing security models). As we all know, security systems generally run with kernel privileges (like pax, lids, selinux and others) and can be bypassed if the kernel itself has been compromised.
Attempts to protect kernel mode (like canary protection in kernel mode, introduced by Windows 2003, and pax-randkstack/noexec protections) exist, but are restricted to protecting against exploitation, not preventing the consequences of exploitation. St. Michael is an open-source project that covers Solaris and Linux (in the future, I plan to port it to NetBSD systems too) and tries to offer security integrity checks on those systems (it will check the filesystem, kernel structures and MBR of the system against any attempt to change or any changes, and has the capability to recover the system or take it down).
During the presentation, many test attacks will be used to explain how StMichael actually works to defeat/detect attacks. Also, a sample will be shown, using StMichael and many other kernel security related tools (special focus on PAX).
Also, anti-forensics techniques will be discussed, using hardware interrupts and other methodologies that certainly will almost defeat any kind of forensics analysis.

Sun Bing
About Sun Bing
Sun Bing is currently a Research Scientist at an information security company, and has previously held security-related positions at several famous companies, such as Rising and Siemens. Sun Bing has more than 7 years of experience in Windows kernel and security techniques (Anti-Virus, Firewall, IPS etc.) research and development, delving especially deeply into Buffer Overflow Prevention, Rootkit Detection and x86 Virtualization. His main previous work includes participating in the development of Rising Anti-Virus software, publishing the paper (The Design Of Anti-Virus Engine) at xfocus, taking charge of the design and development of a desktop security product, LinkTrust IntraSec, and speaking at security conferences such as XCON2006, POC2006, EuSecWest 2007, and BlackHat EU 2007...
Presentation Title :
BIOS Boot Hijacking By Using Intel ICHx “Top-Block Swap” Mode
Presentation Abstracts:
In this presentation, I will disclose a fire-new BIOS boot hijacking method using the so-called “Top-Block Swap” mode that is supported by Intel ICHx series south bridge chips. The “Top-Block Swap” mode of ICHx swaps the top block (the Boot Block) in the Firmware Hub (FWH) with another location, which allows for safe update of the Boot Block even if a power failure occurs. However, due to negligence in BIOS design and coding, it fails to lock down the swap function before handing over control to the operating system once the boot phase has successfully completed, which turns an original security mechanism into a severe security hole. A malicious program can easily exploit this swap function to perform a DoS attack, which would lead to a boot failure of the victim computer, or, even worse, it may directly inject a piece of customized code into the swap block, which enables this code to gain execution control even before the system BIOS and then to compromise the whole system. This paper will discuss in detail the BIOS ROM chip address decoding map, the Intel ICHx “Top-Block Swap” mode, possible exploitation methods and corresponding prevention countermeasures.
Presentation Requirement:
This presentation requires that the audience have strong programming abilities in x86 assembly and the C language, and a deep understanding of PC architecture and its basic components as well, such as the mainboard chipset (South/North Bridge), BIOS, CMOS etc. In addition, having some knowledge of x86 processor architecture (Protected Mode, System Management Mode etc.), the Windows OS kernel, and some important hardware specifications (PCI Bus, ACPI, PnP BIOS, EFI and so on) will be a plus.

xyzreg
About xyzreg
Zhang Yi (xyzreg), a security technology researcher, majors in Information Security Technology at Jiangsu University. His research interests are the Windows kernel, advanced malware technology, vulnerability discovery, Network Centric Warfare, and initiation of security products.
Presentation Title :
Advance Malware Technology to New Challenges -- Breach Active Defense
Presentation Abstracts:
The wide use of Active Defense technology in anti-virus products, firewalls and HIPS is a severe challenge for today's backdoors, Trojans, rootkits etc. Even with the malware's excellent concealment, the Active Defense product will notify the user on the first setup of the malware, and stop the malware from installing normally and working further.
This topic details the application status of Active Defense, its principle and various methods to break through the active defense deep in the Windows kernel.
Presentation Requirement :
  • System mechanisms of Windows
  • Malware technology
  • Principle of security products
  • The application status of Active Defense

Yarochkin Fyodor
About Yarochkin Fyodor
Fyodor's been in business objectives and the security service delivery field for the past few years, contributing his spare time to a few open and closed source projects. He has a background in system administration and programming. Note: Fyodor is not 'nmap Fyodor'. (http://www.snort.org/docs/faq.html#1.2) Fyodor is a frequent speaker at conferences across Asia-Pacific.
Presentation Title :
Towards Hacker’s personal Agent
Presentation Abstracts:
In this presentation Fyodor will demonstrate a project which he's been working on for over a year. The basic concept of the project is to create an intelligent environment where information can be stored and retrieved in a convenient manner, both by network tools and manually. This environment should facilitate the automation of the network penetration process, including the information gathering, data analysis and exploitation phases, by performing automated data classification and knowledge mining.

Xia Chao
About Xia Chao
Xia Chao is a master of Shanghai Jiao Tong University; his main research direction is vulnerability discovery in the Lab of Cryptography & Information Security.
Presentation Title :
Dynamic analysis to detect buffer overflow vulnerabilities in binary environment
Presentation Abstracts:
This presentation proposes a new way to find buffer overflow vulnerabilities in a binary environment. Combining dynamic and static analysis, it makes further detection of buffer overflow vulnerabilities possible. Static methods mainly deal with the structure of the executable binary file, including the function call relations, the internal structure (loops and if branches) of a function and the properties of its stack frame. Dynamic emulation provides a virtual run-time environment, which enables the program to combine its static properties while virtually being executed, and then we can get the function’s signature: the semantic results on buffer manipulation. Finally, we can judge the results to determine whether there is a buffer overflow vulnerability.

Eric Lien
About Eric Lien
Holds CEH certification and works in the D-SWAT Team (Draytek Security Warning and Anti-attack Team) in Taiwan; adept in program design, network security and computer forensics. Currently focuses on researching anti-virus and content security management.
Presentation Title :
Analyse P2P obfuscation protocol and encrypted packet
Presentation Abstracts:
This presentation focuses on how to detect P2P obfuscation protocols and encrypted packets. Protocols such as Skype, eMule and Winny are all difficult to detect with legacy firewalls and IPS/IDP. The D-SWAT team will introduce the analysis process and observations on these weird and strange protocols and packets. A deterministic and behavior-based detection method will be implemented on the SOHO router VigorPro.
Presentation Requirement
  • Familiar with TCP/IP protocol
  • Familiar with Ethereal/Wireshark/Sniffer

XCon Organizing Committee & HuaYongXingAn Science Technology Co., Ltd.
©2003-2006 All rights Reserved.