Conference Speakers

Farewell, WAF – Exploiting SQL Injection from Mutation to Polymorphism

In this talk, we’ll go through the core ideas and concepts of the web application firewall (WAF) and some background on mutation testing against web applications, then introduce a promising direction: automatically generating SQL injection attacks with polymorphism. We’ll present case studies and bypasses for the latest version of ModSecurity (v3.1) alongside our demonstrations, and explain why common detections cannot help here. The audience will come away with a sense of the power of this concept and the beauty of the SQL language.

Wireless Exploitation: Attacking IoT/OT with SDR

Recent years have seen a flood of novel wireless exploits, from vulnerable medical devices to hacked OT devices, with exploitation moving beyond 802.11 and into more obscure standard and proprietary protocols. While other non-WiFi RF protocols remain a mystery to many security practitioners, exploiting them is easier than one might think. SDR is changing the game for both offense and defense. This session explores the use of SDR to exploit the world we live in, full of interconnected devices. It will discuss the planning and phases of attacking RF, illustrating the Internet of Radio Vulnerabilities.

Code Execution Analysis in Mobile Apps

Proper binary analysis necessitates the use of debuggers to monitor/alter the flow of execution. Mobile apps are no different. This talk will go over the techniques and methodology used to monitor, debug, and finally execute arbitrary code inside a packaged mobile app for analysis and debugging purposes.

JiuWei – A cross-platform, multi-arch shellcode executor

Functioning as the first stage of an exploit, shellcode plays an important role in successfully triggering a software vulnerability. Since this part of the payload is written in low-level machine code, analyzing how it works is not trivial.

This presentation introduces JiuWei, a cross-platform, multi-architecture machine code analyzer. Based on the Unicorn emulator (http://unicorn-engine.org), our tool is able to execute and analyze all kinds of shellcode, regardless of operating system (Windows, Mac, Linux, Android, etc.) or CPU architecture (Intel, Arm, Aarch64, Mips).

Thanks to a powerful instrumentation engine, the output report can show what the shellcode does inside, in a friendly high-level output format.

In this talk, we will give a brief introduction to the design and implementation of JiuWei, cover some technical challenges we had to solve, and show some cool live demos on modern shellcode.

This work was presented at VXCON and HITCON with some demos. We will be doing a brand new demo with brand new modern shellcode. We will also be ready to release the tool publicly at Nanosec.

Malware Classification using Deep Learning

Deep learning is currently an extremely popular tool that has been used to solve hard problems, ranging from computer vision to speech recognition. This talk will introduce the audience to how one can leverage deep learning to predict/classify computer malware.

Attacking & Securing Healthcare Standards & Pentest Medical Devices

The healthcare industry has evolved exponentially over the last decade. It’s no secret that advancement in technology and its adoption was the driving force behind this positive growth. Initially, interfaces between medical devices were custom designed and posed a huge challenge as far as interoperability was concerned. Healthcare standards like HL7 and DICOM have come to the rescue by providing interoperability to store, manage and exchange information among one or more devices, products, systems, etc. Both standards are supported by the majority of vendors and hospitals; however, secure implementation of these standards is still a concern, as security risks were given less importance while designing products (software and hardware) for healthcare services.

This presentation will focus primarily on HL7 2.x, FHIR and DICOM messages, their implementation, the sensitivity of the information and how to attack these messages. The talk will cover how to pentest medical devices and systems in the hospital network and the approach that needs to be taken to pentest a hardened medical system. The talk will conclude by sharing insights on the proper implementation of these standards to better defend healthcare devices and systems against cyber-attacks.