April 26, 2012
PHDays Young School Finalists Decided
Got tired of waiting for new Brins and Kasperskys in Russia? Frankly speaking, we did. To find out the state of academic IT-security science in Russia, we "put out a bulletin" for young scientists doing research in this field. The competition started a couple of months before PHDays. This week, the finalists have been decided.
The program committee of the competition, which was composed of representatives of leading IT companies (Microsoft, Yandex, etc.), educational and scientific institutions (MSU, MEPI, SPIIRAS) and core publications (Hacker Magazine), considered 19 applications and selected the 7 most interesting reports. The finals of PHDays Young School will host youngsters from educational institutions of Moscow, Krasnoyarsk, Novosibirsk, Saint Petersburg and Taganrog, who will compete for the main prize on May 31.
The primary goal of the competition is to give young scientists a chance to make themselves known. The finalists will personally present the results of their research before a mainstream audience of experts, leading Russian and international specialists in information security. We sincerely hope that for the young scientists, their presentations at PHDays Young School will be a major step towards success and that this experience will help them in their future scientific work.
The competition took place thanks to Andrey Petukhov's determination and enthusiasm. He shouldered the difficult task of organizing PHDays Young School. Special thanks go to the committee members, namely:
Dmitry Kuznetsov (Positive Technologies);
Denis Gamayunov (CMC MSU);
Alexander Dmitriyenko (Technische Universitat Darmstadt);
Vladimir Ivanov (Yandex);
Alexey Kachalin (Advanced Monitoring);
Nikita Kislitsin (Hacker Magazine);
Igor Kotenko (SPIIRAS);
Pavel Laskov (Eberhard Karls University, Tubingen);
Alexander Polyakov (Digital Security, ERPScan);
Aleksey Sintsov (Digital Security, Defcon Russia Group);
Beshkov Andrey (Microsoft).
So, we are waiting for you at PHDays 2012 on May 31, where the finals of PHDays Young School will take place. Don't miss the chance to see the future being born!
April 25, 2012
Registration for PHDays starts May 14, at midday
Please note: the number of places is limited. Set your reminders for May's second Tuesday, 12:00 am. The faster you register, the higher your chances of being among the invitees.
PHDays will give you an opportunity to hack anything you see, chat with Bruce Schneier, and wash down failures with free tequila.
The registration procedure will be published soon. Stay tuned!
P.S. A note for late-risers: don't oversleep ;)
April 25, 2012
The Author of John the Ripper Will Speak at PHDays 2012
In 1996, Alexander Peslyak (aka Solar Designer) created a program called John the Ripper. This cross-platform utility, designed to analyze password strength, has become one of the top 10 most popular programs in the field of information security, and the program's site has been visited by 15 million people.
Alexander is also a founder of the Openwall project and a leading developer of Openwall GNU/Linux (Owl), a highly secured operating system.
Alexander Peslyak is considered the greatest brute-force specialist ever since Ali Baba and Abu Yusuf al-Kindi. In 2007, such projects as phpBB 3, WordPress, and Drupal accepted the password security improvements he had developed.
In 2009, Alexander received the Lifetime Achievement Award at Black Hat, a highly recognized conference on information security.
At PHDays 2012, the master of brute force will present his report titled Password security: past, present, future. In his presentation, he will discuss issues of password protection and speak about the history and near-term prospects of authentication technology.
April 12, 2012
New Reports at PHDays 2012
New speakers who have recently joined PHDays 2012 will speak about SAP hacking, vulnerabilities in smart cards and Ukrainian-style cybersecurity, and answer some of the most interesting questions. For example, how many stadiums can be built for the money stolen from Russian remote banking systems? Or what are the real motives behind the cruel war banks have started to wage against hackers?
Peculiarities of Fights Against Russian Fraud
An interesting fact: on January 1, 2013 the law on the national payment system comes into effect. In case of an unauthorized money deduction from a client's account, the bank will have to return the money to the account. In other words, so far money has been stolen from clients; but starting from next January, the victims of such crimes will be banks. This is quite a reason for the banking community to start a crusade against cybercriminals 'specialized' in remote banking systems. How to make 2013 and the following years unhappy for such hackers? Evgeny Tsarev will give the answer in his report Systems of Russian style Fraud Resistance. The speaker will discuss the peculiarities of Russian fraud in the banking field, outline various fraud schemes, point out the reasons for the low efficiency of the Western approach and demonstrate how a complex security system should be built.
DNS Exfiltration Using SQLmap
In military usage, exfiltration is a tactic of retreating from a territory which is under the enemy's control. In such operations, proper camouflaging is far more significant than speed. Likewise, hackers who have obtained access to a system are in no rush to copy the data. Firstly, the risk of being discovered is high. Secondly, the right information may show up later. So, the hacker's program sends the data in small portions through hidden channels that are often not designed for data transfer. Miroslav Stampar, a developer from Croatia, will present in his report DNS Exfiltration Using SQLmap a DNS exfiltration technique performed by means of SQL injections, speak about its pros and cons and support it with visual presentations.
Methods of Penetration Through Internet Explorer
In the report Attack Against Microsoft Networks Web Clients, Vladimir Vorontsov introduces methods that allow conducting attacks against Internet Explorer users that operate within Microsoft Networks. The main goal of the attacks in question is to obtain confidential data from users located both on remote servers (bypassing access restrictions) and on local PCs.
Investigating Information Security Incidents Within Automated System of Technological Process Management (SCADA Forensics)
Hackers' growing interest in technological infrastructures and automated systems of technological process management (SCADA) is becoming something of a trend. According to experts' estimates, leading Russian industrial companies lose up to 10% of their revenue because of internal fraud, theft, violation of technological processes, and configuration flaws in measuring equipment. The specific nature of SCADA requires developing an essentially new technical discipline: computer forensics in the field of industrial automated systems. Andrey Komarov's report also covers incident prevention mechanisms used in the field and considers the possibilities of Business Assurance Systems (BAS) for preventing economic fraud in the SCADA sector (alteration of such data as fuel-dispensing station readings, data of trading and accounting systems, readings of container indicators, data of fuel and discount card processing). The report will be supported with a demonstration of incidents of practical significance that occurred in the TOP 10 largest industrial companies in various countries. Andrey Komarov is the head of the audit and consulting department of the Group-IB company. At present, he is involved in work on the Penetration Testing Execution Standard (PTES) as a representative of Russia.
Smart Card Vulnerabilities: How Much Are We Talking About?
For some years we have been observing a boost in the number of threats to Russian remote banking systems (Shiz, Carberp, Hodprot, RDPdoor, Sheldor). Hackers have been managing to steal tens of millions of dollars every month (the annual amount is quite enough to build at least a stadium each for the Spartak and CSKA football clubs). Working on the report Smartcard Vulnerabilities Exploited by Modern Banking Malware, Aleksander Matrosov and Evgeny Rodionov have examined the most widely used banking malware and revealed quite interesting vulnerabilities in two-factor authentication and smart cards. The report will also consider tricks and shams that hackers use to impede forensic investigation. Aleksander Matrosov is a director of the Center for Virus Research and Analytics at the ESET company. Evgeny Rodionov is in charge of complex threat analysis at ESET.
New and Popular Ways of SAP Hacking
In the last couple of years, SAP security has been the focus of ever-growing attention. The public information space has been saturated with various topics, from attacks against SAProuter and SAP web applications to low-severity vulnerabilities in the SAP core and ABAP code. So far, SAP has released more than 2000 notifications on vulnerability fixes in its products, but it's only the beginning. Which vulnerabilities are still there in SAP systems, apart from the same old XSS, SQL injections and buffer overflows? In the report SAP Insecurity: the New and the Best, Aleksandr Polyakov will focus on a dozen of the most interesting vulnerabilities and vectors of attack against SAP systems: from encryption flaws to authentication bypasses, and from amusing errors to complicated attack vectors. A great many of the vulnerabilities described in the report will be new to the public. Aleksandr Polyakov is the technical director of Digital Security, and one of the world's most prominent experts in SAP security.
With PHP, Haste Makes Waste
Some third-party PHP implementations cut script execution time by a factor of 5. But are they capable of ensuring steady and secure operation of web applications? Sergey Scherbel, an expert at the Positive Technologies company, will present his report Not All PHPs Are Equally Useful to introduce the security problems revealed and the exploitation peculiarities of web applications that use third-party PHP implementations, and to give some examples of 0-day vulnerabilities. Sergey specializes in application security, penetration testing, and web application and source code analysis. He is on the team of PHDays CTF developers.
About a Secure Use of PHP Wrappers
The PHP topic will be further developed by Aleksey Moskvin, another Positive Technologies security expert. His report About a Secure Use of PHP Wrappers focuses on vulnerabilities related to PHP wrappers. Such vulnerabilities have been discussed for quite a while. OWASP TOP 10 and WASC TCv2 provide links to them. However, a number of peculiar features of some wrappers and filters may cause vulnerabilities (including critical ones) even in applications developed according to security requirements. The report covers algorithms that allow transferring data to an application bypassing its logic. This approach can be used for bypassing Web Application Firewalls built into security filter applications, as well as for conducting attacks aimed at obtaining access to the file system and executing arbitrary code. The speaker will introduce some of the 0-day vulnerabilities detected by means of the method described in the work. Aleksey is a specialist in static and dynamic security analysis of application source code. He is on the team of PHDays CTF developers.
Instrumentation Methods of Complex Code Analysis
Time goes by, development technologies get more sophisticated, and code gets more complex (virtual functions, JIT code, etc.). It gets extremely hard to analyze such code. To make researchers' lives easier, there are various code instrumentation methods available at present. Pin, Valgrind, DynamoRIO, DynInst, etc. are new indispensable constituents of a security researcher's arsenal. Current methods of instrumentation (of source code, byte-code, and binary code) will be described by Dmitry Evdokimov in his report Light and Dark Sides of Code Instrumentation. Dmitry Evdokimov is a columnist for the Hacker magazine, Russia. He writes a column titled Security-soft. He is also an expert in SAP security in terms of its internal arrangement (SAP Kernel and SAP Basis), and the ABAP code.
Cybersecurity in The Ukrainian Style
Konstantin Korsun, a former officer of the Anti-Cybercrime Unit of the Security Service of Ukraine, and currently the director of iSIGHT Partners Ukraine LLC, will tell the listeners about the emergence of a community of information security officers in Ukraine. The community originally started as loud nights out of Ukrainian IT security specialists in Kiev bars and made its way up to an officially registered (in 2012) public organization called Ukrainian Information Security Group. Currently, Konstantin Korsun is the president of UISG. At PHDays, he will present a report titled UISG, a Community of Information Security Experts of Ukraine. Achievements and Prospects.
March 26, 2012
"The Georgian" botnet by Canadian Pierre-Marc Bureau. A new master-class for PHDays.
News has recently been spreading around the world about the "Georgian" botnet, based on Win32/Georbot, which steals secret documents and also captures audio and video via web cameras.
You can learn how Win32/Georbot works, and how to control or neutralize it, at our Positive Hack Days forum on May 30 and 31. Pierre-Marc Bureau, the leading engineer of the ESET virus laboratory, an expert on cyberwar and cyberespionage, will hold the world's first "georbot master-class".
How does it take screenshots and record sound?
Pierre will show the audience the numerous possibilities of Win32/Georbot. You will see in real time how this malware, managed by the Canadian specialist, will perform the following tricks:
taking screenshots via Web-camera, installed on the "victim" computer
making an audio recording on the built-in microphone
scanning the network
causing denial of service
Methods of obfuscation
Like a real resident, the malware is not looking for fame and tends to remain in the shadows. Its exclusive and specially complicated code also makes it imperceptible to antivirus software. Participants in the master class will learn how the obfuscation (entanglement) of the Win32/Georbot code is implemented and will be able to clarify the following points:
control flow obfuscation
sequence of obfuscation
obfuscation of API calls by hash function
How to control the "georbot"
Participants will see how this "combat worm" communicates with its command and control server using HTTP. Pierre will also show how to create an alternative command and control server in the laboratory, and how to give commands to the program and get its feedback.
What is required for the master class
Do not forget to bring a laptop running Windows XP, installed on a virtual machine. It is necessary for the active participants in the master class to install the following applications (which can be downloaded free of charge):
Immunity Debugger (or Olly, if you prefer)
Required skills for a smooth immersion in the subject:
understanding of assembly principles
understanding of the structure of Windows
understanding of the Python programming language
Briefly about Win32/Georbot
According to Pierre-Marc Bureau, the Win32/Georbot family of malicious applications appeared about a year and a half ago. The virus has many variations, is not intended for "carpet bombing", is used to steal confidential information and is difficult to identify.
Detailed analysis: http://blog.eset.com/wp-content/media_files/ESET_win32georbot_analysis_final.pdf.
March 6, 2012
The first reports on PHDays 2012 have been determined
Can you trust passwords on your iPhone or iPad?
Dmitry Skliarov, in his reports "Secure Password Managers" and "Military-Grade Encryption for smartphones: Is it really serious?" presents the results of the analysis of several programs to protect passwords and data for the Apple iOS. Dmitry is Information Security Analyst at ElcomSoft Co. Ltd. and assistant professor of "Information Security" of MSTU Bauman.
Security of mobile communications. Hacking GSM and GPRS
Sylvain Munaut, developer of the OsmocomBB project, tells how GSM and GPRS are hacked in his report "Abusing Calypso phones."
Attacking through the mouse and keyboard? It's a reality
The famous Indian hacker Nikhil Mittal, creator of the framework Kautilya, conducts a master class "Creating havoc using a Human Interface Device." The main theme of the report is how easy it is to hack a computer using devices that present themselves as a mouse, keyboard, etc.
Information Security in the U.S.
Michael Utin in the report "Analysis of US Laws and Regulations Protecting Personal Information - What Is Wrong and How to Fix It" will tell how activities in the field of information security are regulated in the United States. Michael has a Master's in Computer Science with 20 years' experience in IT and 10 years' experience in the field of information security.
Payment by MasterCard and VISA cards in the internet shops - how safe is it?
Micha Borrman, of the company SySS in his report "Internet, CVV2 and fraud detection systems," analyzes common vulnerabilities in the security systems of online stores that use payment cards, MasterCard and VISA as a payment method.
The smartphone sends SMS by itself, and money is debited from the account?
Marcus Niemietz raises the current topic of attacks on mobile phones (in particular, popular smartphones running Android). His report is called "Hijacking Attacks on Android Devices". Marcus, author of the book "Clickjacking and UI-Redressing", promises to demonstrate at the conference one or two 0day-attacks and a lot of practical experiments.
What can LulzSec teach society?
An analysis of the activities of the hacker group LulzSec, which has consistently compromised servers of the CIA, Sony, Arizona, and British police UBOP - SOCA, will be conducted by Jerry Gamblin in his report "What We Can (and Should) Learn from LulzSec." Jerry is an expert in information security for the Missouri State House of Representatives.
Are printers not only dangerous for trees?
Andrei Kostin will report on the unusual ability of printing devices and attacks using the PostScript language in the report "PostScript: Danger ahead! / Hacking MFPs, PCs and beyond..." Andrei is the winner of many gems in the field of information security.
Can programs fight, like in the movie "The Matrix"?
Igor Kotenko, head of the SPIIRAS laboratory of computer security problems, will report on "The cyber-warfare of software agents."
How to automate the search for vulnerabilities?
Nikita Tarakanov and Alexander Bazhanyuk will present their report "A tool to automatically search for vulnerabilities." Nikita and Alexander are the founders of the information security company CISS RT.
The legendary expert on security, Bruce Schneier, will appear for the first time in Russia at PHDays-2012. Bruce Schneier is the author of dozens of codes along with six books, among which the bestseller "Applied Cryptography" has been translated into Russian.
The forum will also include training sessions and master classes.
The PHDays Forum, organized by Positive Technologies, will take place in Moscow on May 30-31. Independent experts in IS will all meet in one place: hackers, representatives of state and of big business. The program includes a CTF competition, hacking competitions, master classes, workshops, seminars, round tables and discussions.
You could join the speakers at PHDays!
Until April 16 anyone can send a request to participate in the forum - we are interested in the actual, original and resonant themes in information security. For more information about the rules - http://www.phdays.com/cfp.asp.
Young scientists and students also have the opportunity to present their ideas and discoveries, speaking on the same site, together with well-known gurus of information security. The "Young School" competition has been organized especially for them.
January 27, 2012
Bruce Schneier Will Speak at PHDays
A cryptography guru, world-famous expert in information security Bruce Schneier will come to Moscow for the first time. He will take part in our forum as one of the key speakers.
Bruce Schneier is a legend in the information security world and his name means much to everyone who works in this field. Several generations of hackers have already grown up on his Applied Cryptography. Another bestseller by Bruce Schneier, Secrets and Lies, is devoted to broader issues of information security. Bruce Schneier has developed the popular cryptographic algorithms Blowfish, Twofish, and Threefish and has been involved in the creation of over ten other well-known algorithms. Moreover, Bruce is one of the authors of Yarrow, a pseudo-random number generator, and Skein, a hash function. He publishes the popular Crypto-Gram newsletter and keeps the blog Schneier on Security, which have over 150 thousand readers from all over the world.
We'll keep the subject of Bruce's speech under wraps for a while, but we're already forming a queue of those who wish to get an autograph! And we keep developing the forum program. Leading Russian and foreign experts in various information security fields will give master-classes, workshops, and speeches at PHDays. Stay tuned to learn the names!
Attention! You can make a speech together with Bruce Schneier! For this opportunity, take part in CFP. We are looking forward to your abstracts!
December 14, 2011
The first participants of PHDays CTF 2012 have been decided!
The qualifying stage of the international competition for the protection of information, PHDays CTF Quals, has been completed. Over a period of two days, 72 teams from 17 countries fought unremittingly for the right to reach the final and to attend the main competition in May 2012.
The most active were Russian hackers, who were in the majority of the contestant teams. They were followed by the United States and France. The competition was also attended by experts from such countries as Japan, the Netherlands, South Korea, Tunisia, Germany, Switzerland, Kenya, Canada, Peru, the United Kingdom, Sweden, Lebanon, Australia and Spain. First place in the CTF Quals went to the team rdot.org from St. Petersburg, who maintained a leading position throughout the game.
The contest for second and third place was between eindbazen of the Netherlands and leetmore of St. Petersburg. Several times the teams changed places and the tension was unrelenting to the very end of the competition, when in the last half hour a winner emerged: the Dutch hackers, just four points ahead of leetmore.
The remaining teams in the top five were int3pids from Spain (4th) and Russian HackerDom (5th place). For the first half of the game the Spanish team was seriously lagging behind the leaders, but then was able to solve a series of complex tasks and have a high score at the finish. This late breakthrough determined their fate - int3pids and HackerDom joined the rest of the winners.
Fifth place was also seriously contested by 0daysober from France, trailing HackerDom by just half a point in the last-minute struggle. Nevertheless, we are showing our appreciation for the activity and perseverance of 0daysober by inviting them to the main competition in 2012!
We would like to mention Antichat Team, [censored], ufologist, Shine (Russia), Big-daddy, ensib (France), MachoMan (South Korea), Nullarea Tunisian Team (Tunisia) and takeshix (Germany), which, although they won no prizes, steadfastly fought for victory and helped make the game dynamic and exciting.
We would like to remind you that PHDays CTF Quals covers different areas of information security: security assessment, search for and exploitation of weak points, reverse engineering, etc. In the qualifying stage, the PHDays CTF 2011 gaming infrastructure was heavily reused, as many of the tasks in that face-to-face competition were not solved by the participants.
Dmitrii Evteev, PHDays CTF Overlord: "I would like to thank everyone who participated in CTF Quals; the competition became really nail-biting and exciting. However, the winners of the CTF Quals are not the only main participants in CTF. A number of team leaders of Russian and international ranking are invited hors concours. So, all in all, the full-time competition will involve 12 teams."
The main competition, PHDAYS CTF, will be held in Moscow on May 30-31, 2012.
View the full ratings for the qualifying event here: http://phdays.ru/ctf_quals_rating.asp.
December 8, 2011
One day is left before the end of registration of participants for CTF Afterparty
If you want to take part in CTF Afterparty but you have not joined us yet - hurry up, the registration is closing soon! So far, it is certain that CTF Afterparty will become a battlefield for over 100 people from 18 countries. Most participants come from Russia, the USA and Australia.
The registration for CTF Quals is closed. More than 100 teams from 29 countries applied for the contest. Once again, the most active applicants proved to be Russian hackers. However, American, French and Japanese contestants kept up well with them.
The elimination competitions of CTF Quals start in two days. December 12 will reveal winner teams that will participate in the CTF finals in Moscow on May 30-31, 2012.
Follow the news!
Complete list of participating countries
CTF Quals: Afghanistan, Algiers, Argentina, Australia, Bolivia, Canada, Colombia, Estonia, France, Great Britain, Germany, India, Italy, Jamaica, Japan, Kazakhstan, Kenya, Lebanon, Macao, the Netherlands, Peru, Russia, Republic of Korea, Spain, Switzerland, Sweden, Ukraine, the USA, Western Sahara.
CTF Afterparty: Afghanistan, Argentina, Australia, Barbados, China, France, Hungary, Kazakhstan, Kyrgyzstan, Lebanon, Malaysia, Montenegro, Papua New Guinea, Russia, Singapore, Switzerland, Ukraine, the USA.
November 14, 2011
PHD CTF Quals opens team registration for the information security contests
December 10-11 will see the PHD CTF Quals contest on information security organized by the Russian developer company Positive Technologies. The PHD CTF Quals contest is a qualification competition for the international PHD CTF contest that will take place on May 30-31, 2012.
The qualification competition is open to everyone. The requirements are preliminary registration, a team of 5 contestants and full observance of the rules.
PHD CTF Quals will test participants' skills in information security assessment, vulnerability search and exploitation, reverse engineering and hacking in general. It is notable that the vulnerabilities used for the contest are not made up but taken from real life. Thus, participants will have an unrivaled chance to try themselves as real hackers.
Teams will have a chance to exploit myriads of real vulnerabilities and to try their hands at solving little information security tasks. The maximum total score is 100. Participants scoring more than 100 will be awarded with traditional special prizes from the Positive Technologies company.
The PHD CTF Quals results will decide the winning teams that will take part in the international PHD CTF contests that are held on May 30-31, Moscow, as part of Positive Hack Days (PHD) II, an international information security forum.
PHD CTF Quals will be immediately followed by PHD CTF Afterparty 2011 where anyone will be able to solve available tasks according to the same rules. The CTF Afterparty 2011 contest will take place on December 12-25; winners will be awarded with prizes and certificates. The top participants will be invited to the PHD forum as competition contestants.
In 2011, the international PHD CTF hosted 10 teams from Russia, India and various European countries. The main prize went to PPP, a team from Pittsburgh, USA. The second and third places were taken by Russian teams Leet More and HackerDom. All participants received valuable prizes and presents, while the winners were also awarded $135,000, 80,000 and 50,000 USD respectively.
For detailed information about the rules of PHD CTF Quals and PHD Online HackQues and for the registration form, visit the registration page.
October 26, 2011
In 2012, Positive Hack Days will be twice as big
Positive Hack Days, which took place in 2011, became a center of undivided attention of IT specialists and drew a wide response from the IT community. The organizers have already been receiving requests for participation in the next PHD, so, to handle all the requests, Positive Hack Days 2012 will be twice as big.
The program will consist of two major parts: a conference and a contest. The conference will involve discussions and round tables meant to bridge business and hacker worlds, as well as practical seminars designed for technical specialists, and master classes conducted by recognized international experts.
Similar to the program of 2011, the contest part will comprise the CTF contest and a wide selection of various competitions on practical information security for all comers. The CTF contest will also be divided into several parts that include an old-school CTF, online contests and an innovation. The details are being kept secret for now and will be posted later on the official PHD site.
Meanwhile, the PHD program is being intensively developed. Follow the news and the updates on the site.
DNS NEWS. August, 2011
At Positive Hack Days, specialists of the Positive Research Center presented the results of the DNS Rebinding vulnerability research.
The results helped finally reveal how the attack can be carried out in practice. The experts demonstrated new vectors for the DNS Rebinding attack, also known as AntiDNS Pinning. The vulnerability implies that a user's browser acts as a mediator between attackers and the target network. It allows attackers to conduct attacks against virtual infrastructures. Notably, it is not the infrastructure of virtual machine management that suffers from the attack but the users' and administrators' workstations, which are usually far less protected than servers. DNS Rebinding allows attackers to interact with internal systems from within the internal network of the target company, which makes it all easier for attackers. Though most browsers nowadays are protected against such attacks, the protection is not always efficient and can be bypassed.
The research conducted by Positive Technologies involved real cases to demonstrate attacks against corporate networks and virtualization systems, network equipment and means of protection. The research thoroughly covers the tools for vulnerability exploitation, as well as the way to bypass existing restrictions. Also, the authors observed the methods of protection against the attack and related attacks.
At present, the companies in which the vulnerability was detected are cooperating with the experts of Positive Technologies to eliminate the defects.
SAFARI NEWS. May, 2011
At PHD, contestants hacked the latest version of the Safari browser for Windows.
By exploiting a 0-day vulnerability in Apple's browser, the hackers launched the Calculator application without user interaction.
According to the author of the exploit - Nikita Tarakanov, Chief Technical Officer at the CISSRT company (which conducts software security researches) - to hack the browser, he and his colleagues created a special web page which contained a link to a potentially malicious script. A click on the link launches the script automatically. The script, in its turn, initializes the calculator.
There were several applications to participate in the contest, but only the CISSRT solution really worked and proved to be original.
Nikita Tarakanov says that under Mac OS X the Safari vulnerability causes just an emergency shutdown of the browser. However, this is not evidence of a higher security level in Mac OS X: the vulnerability cannot be exploited properly because of the difference in the way the two operating systems work with memory.
The winner was awarded with a prize - a Toshiba laptop with installed Safari.
Earlier on, Safari had been hacked by the participants of the CanSecWest security conference, Vancouver, Canada, March 2011.
Results of Positive Hack Days. May, 2011
The Positive Hack Days forum gathered a variety of representatives of the information security industry. According to estimates, the forum was visited by more than 500 people, including representatives of government agencies, technical specialists, top managers in the IT industry, independent experts, and hackers.
Two programs were conducted simultaneously: a business program, which included seminars and master-classes, and a hacking contest program. The organizers sum up the preliminary results.
PHD CTF Contest
The forum included the PHD CTF open international information security contest. Ten teams from Russia, the USA, India, and Europe spent 8 hours protecting their networks and attacking the networks of their rivals. A number of vulnerabilities that exist in modern information systems (e.g., SCADA systems) had been prepared for the contest. The aim of the contestants was to detect vulnerabilities, fix them on their own servers and exploit them to obtain sensitive information from the competing teams.
According to the results of the contest, the PPP team (Pittsburgh, USA) won by a wide margin and was awarded 5 thousand dollars. One of the PPP members said, "It's not our first experience of participating in a CTF contest, but in the PHD CTF it was the first time when we were not only to attack other teams' resources, but also to protect our own resources. We will be glad to take part in the contest next year." Second and third places were taken by the Russian teams Leet More (Saint Petersburg) and HackerDom (Yekaterinburg).
Boris Simis, Business Development Director at Positive Technologies, noted, "The PHD CTF is the first contest of such scale conducted in Russia, whereas in the USA, Canada and Europe similar contests have been held for a very long time. It is connected with the fact that the first place was taken by the team from the USA, the country where information security issues are taken very seriously. We are sure that it was interesting for Russian participants of the PHD CTF to contend with foreign teams, and we are happy to welcome everybody next year."
The forum also included specific hacking contests. In the laptop hacking contest, specialists detected a so-called zero-day vulnerability (a vulnerability which was not known before) and exploited it to demonstrate that the latest version of the Safari web browser for Windows can be hacked. The contest was won by the CISSRT information security specialists.
In the analogous contest the participants formally failed to hack an iPad, because the program for exploiting a software vulnerability (the exploit) written by them did not work stably. Nevertheless, the CISSRT specialists proved the existence of the vulnerability in the mobile version of Safari during the qualification round of the contest, and the failure during the contest itself was due to the difficulties with the exploit only.
Too Drunk to Hack
The "Too Drunk to Hack" contest was conducted at the end of the contest program. The participants were invited to hack a copy of the forum website www.phdays.com. For each mistake, a contestant had to drink 50 grams of tequila. Russian and foreign guests of the forum who were of legal age took part in the contest. Vladimir Vorontsov, information security expert at onsec.ru, became the winner. After six mistakes he managed to find all the required vulnerabilities.
In this contest the contestants were to find a wireless access point, which was constantly moving around the place during the whole day. It is remarkable that one of the contest winners was a young lady.
To Hack in 900 Seconds
The participants were to successively hack network equipment (switches) in 6 stages. The contestants actively used the hints provided by Alexey Lukatsky, the representative of Cisco Systems. The winner of the contest is a participant with the ambiguous nickname "003".
The organizer of the contests program and Positive Technologies expert Dmitry Evteev commented, "The specialists that took part in the contests were very good; they coped with many challenging problems. It should be noted that some tasks were too difficult for the participants, but it was rather due to general tiredness, accumulated during the day of informative program of the forum. Generally, I'm glad that the level of training of Russian specialists is no worse than the level of the foreigners."
Leading specialists of the Russian IT market from Kaspersky Lab, Cisco Systems, RISSPA, the Federal Service for Technical and Export Control, Rostelecom, VimpelCom, etc. presented their reports at technical and business workshops.
The participants discussed such topics as cybercrime and cyberwar, the security of wireless networks and remote banking systems, DDoS, WikiLeaks and sensitive information disclosure, and the Information Society program. Technical specialists took part in master classes of various levels conducted by distinguished experts in vulnerability detection and security analysis of various information systems.