MG_6529.jpg
"Should we give out some hints?" By the time Day 1's final coffee break rolled around CTF Mass 0wnage participants surprisingly hadn't really gotten all that far! "Should we give out some hints?" By...
View ArticleMG_6486.jpg
"Wanna take over a presentation cause it's too boring? All you need is about EUR30 and some Arduino magic!" "Wanna take over a presentation cause it's too boring? All you need is about EUR30 and some...
View ArticleMG_6481.jpg
Niels' presentation was so cool it got him Slashdotted and was even mentioned by Mikko Hypponen over Twitter. For a detailed outline of this attack and the tools + methodology employed, take a look at...
View ArticleMG_6485.jpg
Next door, Fox-IT's Niels Teusink presented a superb attack abusing vulnerabilities in wireless remotes to get a Metasploit payload on to the machine of someone using a wireless presenter by sending...
View ArticleMG_6474.jpg
He presented a new JIT-SPRAY technique which allows for DEP and ASLR bypass against Internet Explorer 8, FireFox 3.6, and Adobe Acrobat Reader He presented a new JIT-SPRAY technique which allows for...
View ArticleMG_6468.jpg
In the second Russian presentation, Alexey Sintsov of Digital Security presented a kick ass paper on JIT Spray Attacks and Advanced Shell Code In the second Russian presentation, Alexey Sintsov of...
View ArticleMG_6457.jpg
"If you think a EUR100 lock is better than a EUR50 lock - think agian..." "If you think a EUR100 lock is better than a EUR50 lock - think agian..."
View ArticleMG_6458.jpg
In the second HITB Lab session of the day, Barry Wels and the folks from TOOOL.nl had a 2-hour session on advanced lock picking methodology including safe cracking! In the second HITB Lab session of...
View ArticleMG_6460.jpg
A close up of Laurent in action... You can find all the details regarding the vulnerabilities mentioned at http://www.tehtri-security.com/ A close up of Laurent in action... You can find all the...
View ArticleMG_6464.jpg
including 0-day attacks against: Apple iPhone CFNetwork API (CVE-2010-1752) Blackberry (TEHTRI-SA-2010-028) HTC (TEHTRI-SA-2010-027) Apple iPad (TEHTRI-SA-2010-026) ThalysNet (TEHTRI-SA-2010-026)...
View ArticleMG_6462.jpg
Meanwhile, next door, Laurent Oudot of TEHTRI Security presented a paper titled 'Web In The Middle, Attacking Clients' in which he announced SEVERAL MAJOR vulnerabilities and exploits Meanwhile, next...
View ArticleMG_6451.jpg
Roberto 'Wolverine' Gassira of Mobile Security Labs in action Roberto 'Wolverine' Gassira of Mobile Security Labs in action
View ArticleMG_6446.jpg
Their attack goal is to hijack all mobile traffic from the device by forcing all HTTP/HTTPS traffic to go through a proxy server controlled by the attacker. The attack vector for the hijack is either...
View ArticleMG_6443.jpg
Immediately after lunch, Roberto Gassira and Roberto Piccirillo from Mobile Security Labs presented their updated work on Hijacking Mobile Data Connections Immediately after lunch, Roberto Gassira and...
View ArticleMG_6441.jpg
Dinis Cruz, Christian Heinrich and Martin Knobloch from OWASP shared 4 lightning talk sessions over the lunch period Dinis Cruz, Christian Heinrich and Martin Knobloch from OWASP shared 4 lightning...
View ArticleMG_6420.jpg
"Did you just bite me?" Daniel Mende of ERNW (who was on-site to run the Packetwars segment with the HITB CTF Crew) and Astera having a chat "Did you just bite me?" Daniel Mende of ERNW (who was...
View ArticleMG_6401.jpg
Hackerspaces + Web Hacking Challenges + CTF + Corporate Exhibition == Brings a whole new meaning to the term 'NETWORK' luncheon Hackerspaces + Web Hacking Challenges + CTF + Corporate Exhibition ==...
View ArticleMG_6382.jpg
The HITB Booth with half of the 'Ultimate Social Engineering Kit' (comprising 12 years of various collectible hacker t-shirts from around the world) up for charity auction. Thanks Emerson! The...
View Article
More Pages to Explore .....