Full Disclosure mailing list archives

New Speakers at PHDays IV: How to Hack Gmail and WordPress and Spy through TV


From: Alexander Lashkov <ALashkov () ptsecurity com>
Date: Fri, 28 Mar 2014 09:10:58 +0000

Hacking emails of authoritative users is usually accompanied by debates about the identity of such email correspondence 
that became available on the Internet. Until now, we thought that a correct DKIM signature indicates the author of 
the correspondence containing this signature. But can we trust this authentication mechanism? Vulnerabilities in 
Google, Yandex and Mail.Ru will be discussed at the international information security forum Positive Hack Days IV, 
which will be held on May 21 and 22 in Moscow.

Secure protocols are used insecurely

The number of Google, Yandex and Mail.Ru users approaches one billion; hundreds of experts from all over the world are 
involved in security analysis of these services. However, no one is secure against vulnerabilities. Vladimir Dubrovin 
(3APA3A), the founder of Securityvulns.com and developer of the 3proxy server, one of the most outstanding 
representatives of the Russian old school, will speak on the misuse of both well-known (SSL/TLS and Onion Routing) and 
recent protocols ensuring privacy, integrity and data encryption. Vladimir will also present new attack vectors aimed 
at accessing data that are processed by various services, including email.

A smart spy in your house

In the beginning, TVs were just supposed to be TVs. They were used to make people's lives happier. Nowadays, TVs are 
fully featured PCs, with a proper OS, camera, microphone, web browser, and applications. They still make people happy. 
Especially the malicious ones.

Donato Ferrante and Luigi Auriemma, the founders of ReVuln, known for discovering vulnerabilities in SCADA and 
multiplayer games, will speak on the current status of Smart TV, exploring their attack surface, detailing possible 
areas of interest, and demonstrating some issues the speakers found while assessing the security of Smart TV from 
different vendors.

ARM exploitation

Participants of Aseem Jakhar's workshop will take their laptops and plunge into security issues of ARM. Aseem Jakhar is 
a researcher at Payatu Technologies and one of the founders of Nullcon. He will consider low-level programming, starting 
right from ARM assembly, shellcoding, buffer overflows and reverse engineering to code injection.

The workshop has a lot of hands-on work to get the participants comfortable with ARM assembly and to understand the issues 
involved in exploitation of ARM-based Linux systems. To make the workshop more interesting, it uses Android as the 
platform for learning ARM exploitation and hence it covers Android OS-specific development and security concepts.

How to bug a conversation held on the other side of the planet

Lately, phone communications records can be found on the Internet and even be heard on TV. It is obvious that such 
records were obtained without the knowledge of the subscribers. Many of us received weird text messages and, after 
that, long bills for mobile services.

Sergey Puzankov, an expert at Positive Technologies specializing in mobile network safety, will consider the 
possibilities of an intruder who has access to SS7. The author will speak about algorithms of attacks aimed at: 
disclosure of a subscriber’s sensitive data and his or her location, changing dialing numbers of enabled services, call 
redirection, and unauthorized intrusion into a communication channel. Attacks are performed using recorded signaling 
messages. The research also considers proactive protection against such attacks and methods of investigating incidents 
related to vulnerabilities in a signaling network.

Moloch the investigator

Thousands of years ago, people made human sacrifice to Moloch, an ancient god. The report about Moloch as a highly 
scalable and open source full packet capture system does not contain such bloodthirsty elements (intruders might think 
otherwise). The system can capture from the wire live for use as a network forensics tool to investigate compromises. 
It also serves as a great way for searching and interacting with large PCAP repositories for research (malware traffic, 
exploit/scanning traffic). Its web API also makes it extremely easy to integrate with existing SIEMs or other alerting 
tools/consoles to help speed up analysis.

Andy Wick and Eoin Miller are members of AOL’s Computer Emergency Response Team. The hands-on lab will be focused on 
how AOL uses Moloch combined with IDS systems (Suricata/Snort) feeding alerts into consoles/SIEMs (Sguil/ArcSight) 
to help defend their employees, users and the Internet at large. The experts will also run Moloch to capture the 
traffic that is occurring during PHDays CTF and analyze all the incidents.

Industrial cybersecurity and critical infrastructure protection in Europe

The events that have taken place during the last years (from 9/11 attacks to WikiLeaks and the Stuxnet malware) have 
made governments include in their agendas the development of national cybersecurity strategies to protect their 
critical infrastructures.

Ignacio Paredes, Studies and Research Manager at the Industrial Cybersecurity Center in Spain, says that hundreds of 
thousands of industrial infrastructures across Europe are at stake. The report will consider the relation between 
industrial and corporate environments and its impact on key organizations for the survival of a country as well as 
current trends in the convergence between industrial and corporate systems, threats and countermeasures.

WordPress security

With approximately 19% of the web running on WordPress, it comes as no surprise that the security of this content 
management system has an enormous impact on a large number of users. Despite being open source, and reviewed by 
security researchers, WordPress is—just as any other software—prone to errors and vulnerabilities.

Tom Van Goethem, a PhD student at KU Leuven (Belgium), will tell PHDays IV participants how the unexpected behavior of 
MySQL led to the discovery of a PHP Object Injection vulnerability in the WordPress core. The author will also 
demonstrate how this vulnerability can be exploited.

If you want to present your report (http://www.phdays.com/program/call_for_papers/) at the international information 
security forum, you must hurry up, because you can submit your application till March 31. Anyways, there are other ways 
to join PHDays IV (see here http://www.phdays.com/how_to_join/).
