The encryption method of Microsoft Office 2010 and later is designed to be considerably safer than that of the versions prior to MS Office 2007. However, it has been revealed that encrypted files of Excel 2010 and 2013 which are created under a specific condition can be decrypted easily, no matter how strong the configured password is. In this session, we will show the background behind the discovery of the backdoor and demonstrate the decryption tool for the vulnerable encryption. We will also introduce a tool that modifies the encryption of files containing this vulnerability to use stronger encryption.
Backdoors with the MS Office file encryption master key and a proposal for a ... - MITSUNARI Shigeo
This document summarizes a presentation about password encryption in Microsoft Office files and proposes a backdoor-resistant file format. The key points are:
1) The presenter discovered that MS Office 2010/2013 does not update the secret key when the password is changed, allowing files encrypted with different passwords to be attacked with the same secret key.
2) Various password encryption schemes were compared in terms of brute force attack times, showing Office 2013 to be the most secure due to its use of PBKDF2 key stretching.
3) Concerns about the potential for backdoors in encryption schemes that do not independently generate secret keys from passwords led to a proposal for a format using cryptographically secure key derivation.
The document discusses the LLVM compiler framework and infrastructure. It provides reusable components for building compilers to reduce the time and cost of building new compilers. The LLVM compiler framework uses the LLVM infrastructure to build static compilers, JITs, and trace-based optimizers. It emits C code or native code for x86, Sparc, and PowerPC architectures. The three primary LLVM components are the virtual instruction set (the common language- and target-independent intermediate representation), a collection of well-integrated libraries, and a collection of tools built from the libraries.
The document provides examples of subnetting IP address ranges to meet specific requirements for number of subnets and hosts. It demonstrates converting host bits in an IP address to network bits to create subnets, and calculating the resulting number of subnets, hosts per subnet, and subnet ranges. Custom subnet masks are provided based on the number of bits converted from host to network.
Introduce Brainf*ck, another Turing complete programming language. Then, try to implement the following from scratch: Interpreter, Compiler [x86_64 and ARM], and JIT Compiler.
syzkaller is an unsupervised, coverage-guided Linux syscall fuzzer.
The presentation covers the basics of the fuzzer's operation and gives a tutorial on how to run it and how to extend it to fuzz new drivers.
Reverse Engineering the TomTom Runner pt. 1 Luis Grangeia
A hacker likes computers for the same reason that a child likes legos: both allow the creation of something new. However the growing trend has been to 'close up' general purpose computing into devices that serve a narrow purpose. It's been happening with games consoles, routers, smartphones, smart TV's and more recently, smartwatches. A hacker will face this trend as an additional challenge and will be even more motivated to gain control over the device.
This talk is a journey to the world of 'reverse engineering' of a device of the "Internet of Things", in this case a Tomtom Runner sports watch. The author has little previous experience in reverse engineering of embedded systems, so the talk aims to serve as an introduction to this topic, what motivations and what kind of approaches may be tried.
Presented in September 2015 at "Confraria de Segurança da Informação" in Lisbon
BPF (Berkeley Packet Filter) allows for safe dynamic program injection into the Linux kernel. It provides an in-kernel virtual machine and instruction set for running custom programs. The BPF infrastructure includes a verifier that checks programs for safety, helper functions to access kernel APIs, and maps for inter-process communication. BPF has become a core kernel subsystem and is used for applications like XDP, tracing, networking, and more.
The document discusses register allocation in LLVM. It begins with an introduction to the register allocation problem and describes LLVM's base register allocation interface. It then provides more details on LLVM's basic register allocation approach and its greedy register allocation approach. The greedy approach uses techniques like live range splitting to improve register allocation.
This document introduces OpenCL, a framework for parallel programming across heterogeneous systems. OpenCL allows developers to write programs that access GPU and multi-core processors. It provides portability so the same code can run on different processor architectures. The document outlines OpenCL programming basics like kernels, memory objects, and host code that manages kernels. It also provides a simple "Hello World" example of vector addition in OpenCL and recommends additional resources for learning OpenCL.
This document outlines the steps needed to port the LLVM backend to support a new target. It discusses adding support for the new target in areas like CMake configuration, target triples, instruction definitions, register definitions, calling conventions, instruction selection, and code generation. The process involves modifying LLVM headers, defining target descriptions in TableGen files, implementing target-specific classes, and registering the new target. Following the outlined steps will allow LLVM to recognize and support code generation for the new target.
The LLVM project is a collection of compiler and toolchain technologies, including an optimizer, code generators, and front-ends like llvm-gcc and Clang. The project aims to provide modular, reusable compiler components to reduce the time and cost of building compilers. It also seeks to implement modern compiler techniques to generate fast, optimized code. LLVM has been used to build fast C/C++ compilers like LLVM-GCC that show improvements in compilation speed and generated code quality compared to GCC.
Falco is an open source runtime security monitor for containers that detects anomalous activity using rules. It builds on Sysdig by instrumenting the kernel and collecting system calls and events. Falco rules define suspicious behaviors and integrate signals from the kernel, containers, and Kubernetes. Falco detects threats by matching patterns in real time and alerts on suspicious activity, helping operators enforce policies and spot abnormal behavior.
- The document discusses Linux network stack monitoring and configuration. It begins with definitions of key concepts like RSS, RPS, RFS, LRO, GRO, DCA, XDP and BPF.
- It then provides an overview of how the network stack works from the hardware interrupts and driver level up through routing, TCP/IP and to the socket level.
- Monitoring tools like ethtool, ftrace and /proc/interrupts are described for viewing hardware statistics, software stack traces and interrupt information.
The document discusses Arm C Language Extensions (ACLE) for supporting Arm features in C and C++. It provides an overview of ACLE intrinsics and data types for SVE, NEON, and FP16. It describes how to include headers to use different Arm features and provides examples of using SVE ACLE intrinsics to vectorize a scalar loop.
Reverse Engineering the TomTom Runner pt. 2 - Luis Grangeia
Second presentation of my research into reverse engineering a TomTom Runner GPS watch. In this I explain how I got running code inside an unfamiliar device and proceeded to bypass its security measures and extract firmware keys and code from the device.
More details on my personal blog, at http://grangeia.io
Presented in October 2015 at "Confraria de Segurança da Informação" in Lisbon
This document provides a tutorial on the C programming language. It covers topics such as C program structure, basic syntax, data types, variables, constants and literals, storage classes, operators, decision making using if/else statements and switches, and loops. The tutorial is intended to help readers simply and easily learn the basics of C programming. It contains over 40 pages of content on C language fundamentals.
This document provides an introduction and overview of Gstreamer, including its concepts and examples of its use. Gstreamer is a media framework that allows building media handling applications and facilitating tasks like accessing hardware, building plugins, and using scriptable command line tools. It discusses key Gstreamer concepts and provides examples of using it to analyze media files, transcode video and audio to different formats, and stream video. The document encourages questions and provides credits for resources used.
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities - DefconRussia
This document summarizes vulnerabilities related to server-side request forgery (SSRF) attacks and how they can be exploited. It discusses how external network access and internal network access can be obtained through SSRF. It provides examples of vulnerabilities in various protocols like HTTP, FTP, TFTP, and protocols used by services like Memcached, databases, and file uploads. It also describes how file descriptors can be used to write to open sockets or files to forge server responses or inject malicious content. Overall, the document is an overview of real-world SSRF attacks and exploitation techniques.
Introduction to libre « fulltext » technology - Robert Viseur
The presentation will be based on my personal experience on SQLite, MySQL and Zend Search; on workshops I’ve attended (PostgreSQL) and on tests conducted under my supervision (PostgreSQL, MySQL, Sphinx, Lucene, Xapian). It will cover an exhaustive overview of existing techniques, from the most basic to the more advanced, and will lead to a comparative table of the existing technology.
This document summarizes the evolution of PHP from issues with early versions like inconsistent naming and unpredictable releases to recent improvements like namespaces, anonymous functions, and a standardized release cycle. It discusses tools for PHP development like Composer and FIG as well as educational resources. Key points covered include PHP's move to namespaces in 5.3, anonymous functions in 5.4, and built-in password hashing in 5.5. FIG standards like PSR-0 help code sharing while Composer eases dependency management.
Using existing language skillsets to create large-scale, cloud-based analytics - Microsoft Tech Community
This document discusses how to use Python for analytics with Azure Data Lake. Currently, Python can be used via an extension library to run Python code in a reducer context. Going forward, Python will be able to run natively on vertices, allowing Python code to be used to build extractors, processors, outputters, reducers, appliers, and combiners. This will enable fully leveraging Python for analytics tasks like transforming data, creating new columns, and deleting columns.
2.4 Optimizing your Visual COBOL Applications - Micro Focus
This document discusses various techniques for optimizing Visual COBOL applications, including locating bottlenecks, tuning file access and configuration, optimizing database access, and structuring applications for better performance. It provides information on profiling tools, guidelines for file handling configuration options like access permissions and indexing, recommendations for database drivers and OpenESQL directives, best practices for program structure and modularity, and tips for working with data types and arithmetic operations. The overall goal is helping developers create applications that perform efficiently through various optimization and tuning strategies.
Hacker Halted 2014 - RDP Fuzzing And Why the Microsoft Open Protocol Specific... - EC-Council
Over the past year, Tripwire Security Researchers Tyler Reguly and Andrew Swoboda have invested numerous hours into understanding the Microsoft Remote Desktop Protocol, specifically the pre-authentication portions of RDP. The Microsoft Open Protocol Specifications were heavily utilized for this project and, while both researchers had used the specifications before, neither had fully realized their usefulness to security researchers. This session will be a discussion of The Microsoft Open Protocol Specification with RDP as the example. The culmination of the session will be the release of a new RDP Fuzzer and a discussion around the vulnerabilities it has already discovered.
Attendees can expect to walk away with a strong understanding of the Microsoft Open Protocol Specifications and how they can leverage them to build protocol implementations and fuzzers, as well as investigate inherent flaws and discover new vulnerabilities. Attendees will have a better understanding of the pre-authentication RDP connection sequence and exactly what data is exchanged and what an attacker can deduce from this communication. Finally, attendees will gain insight into new RDP vulnerabilities.
U-SQL is a language for big data processing that unifies SQL and C#/custom code. It allows for processing of both structured and unstructured data at scale. Some key benefits of U-SQL include its ability to natively support both declarative queries and imperative extensions, scale to large data volumes efficiently, and query data in place across different data sources. U-SQL scripts can be used for tasks like complex analytics, machine learning, and ETL workflows on big data.
This document summarizes a presentation about generating remote proxies using JSON-RPC. It discusses moving presentation logic to the client in Web 2.0 applications while keeping business logic on the server. This is solved using the remote proxy pattern, where a JavaScript proxy object routes method calls to a backend PHP implementation over JSON-RPC. It describes implementing a JSON-RPC client and server, and generating JavaScript proxy classes from PHP classes to expose the backend over JSON-RPC.
Yihan Lian & Zhibin Hu - Smarter Peach: Add Eyes to Peach Fuzzer [rooted2017] - RootedCON
Peach is a smart and widely used fuzzer, which has lots of advantages: it is cross-platform, aware of file formats, easy to extend and so on. But since the AFL fuzzer appeared, Peach seems to be out of date, since it doesn't have coverage feedback and runs slowly. Because Peach is a flexible fuzzer framework and AFL is not, I extended Peach with AFL's advantages, making it smarter. Just like AFL, I use an LLVM Pass to add coverage feedback; with that I can see which mutation is interesting, viz. explores new paths. The resultant effect is that the modified version is more effective.
Add-On Development: EE Expects that Every Developer will do his Duty - reedmaniac
Add-Ons are what make ExpressionEngine the flexible powerhouse that it is today. Being able to write your own simple plugins or incredibly expansive modules allows you to mold ExpressionEngine to nearly any task that your website might require. However, with that power comes a great responsibility to ensure that your code is not slowing down the entire site or unduly stressing the server through bad code architecture.
There are simple tools already built into ExpressionEngine and PHP that you can use to see precisely what your Add-On is doing during page processing and where it might be doing more work than is absolutely necessary. Every developer should use these to optimize their work from the very beginning of development, prior to release. This workshop will explain these tools and how you can use them effectively. It will also delve deeper into optimization techniques and tricks that will keep your code light and clean, while finding a balance between functionality and performance.
This document summarizes a talk on add-on development for ExpressionEngine. It discusses the three types of add-ons in EE - extensions, modules, and plugins. It covers important skills for add-on development like PHP, SQL, HTML/CSS, and JavaScript. It provides guidance on developing add-ons including researching existing approaches, mapping out features, designing database structures and template tags, and building the control panel. The document emphasizes best practices like following EllisLab development guidelines, proper commenting, sanitizing inputs, and using abstraction.
This document discusses file handling in C/C++. It begins by defining a computer file and explaining why file handling is important in programming. It then outlines the five main steps for file handling in C++, which are to include header files, declare file stream variables, associate streams with files, perform read/write operations, and close files. Various C++ file stream functions like open(), close(), getline(), and >> and << operators are described. Code snippets are provided as examples to read from and write to text files, appending data to files, and getting all data from a file.
Abstract:
The presentation focuses on having a way to control, version and update the entire database side of a project. This covers everything from producing ER models and versioning scripts, through deploying them, to documentation. The presentation also includes a brief demonstration of using the Flyway tool to version and control the execution of scripts across a project's various environments.
About Nuno Alves:
My name is Nuno Alves; I was born in Coimbra, Portugal, and have lived mostly in Leiria. I hold a degree in Computer Engineering from ESTG-IPLeiria (Escola Superior de Tecnologia e Gestão), where my interest in data and databases began to develop. Hence, professionally, my area of work revolves around databases and infrastructure. I have about 10 years of experience spread across the Finance, Insurance, Government and Military sectors, with technologies ranging from Oracle, PostgreSQL and MSSQLServer to DB2.
Scalable and High available Distributed File System Metadata Service Using gR... - Alluxio, Inc.
Alluxio Community Office Hour
Apr 7, 2020
For more Alluxio events: https://www.alluxio.io/events/
Speaker: Bin Fan
Alluxio (alluxio.io) is an open-source data orchestration system that provides a single namespace federating multiple external distributed storage systems. It is critical for Alluxio to be able to store and serve the metadata of all files and directories from all mounted external storage both at scale and at speed.
This talk shares our design, implementation, and optimization of Alluxio metadata service (master node) to address the scalability challenges. Particularly, we will focus on how to apply and combine techniques including tiered metadata storage (based on off-heap KV store RocksDB), fine-grained file system inode tree locking scheme, embedded state-replicate machine (based on RAFT), exploration and performance tuning in the correct RPC frameworks (thrift vs gRPC), etc. As a result of the above techniques combined, Alluxio 2.0 is able to store at least 1 billion files with a significantly reduced memory requirement, serving 3000 workers and 30000 clients concurrently.
In this Office Hour, we will go over:
- Metadata storage challenges
- How to combine different open source technologies as building blocks
- The design, implementation, and optimization of Alluxio metadata service
The document discusses various topics related to software development security including programming concepts, compilers and interpreters, procedural vs object-oriented programming, application development methods like waterfall vs agile, database security concepts, and assessing software vulnerabilities. It provides an overview of machine code, source code, and assembly language. It also describes compilers and interpreters, top-down vs bottom-up programming, open source vs proprietary software, and the software development lifecycle (SDLC) process.
Add-On Development: EE Expects that Every Developer will do his Duty - Leslie Doherty
A presentation on Add-On Development: EE Expects that Every Developer will do his Duty as given at the EECI2009 conference in Leiden by Paul Burdick, lead developer at Solspace.
This document discusses add-on development for ExpressionEngine. It covers what add-ons are, including extensions, modules, and plugins. It discusses necessary development skills like PHP, SQL, and HTML/CSS. It provides guidance on planning add-on development through researching, mapping features, designing templates and control panels. The document also covers writing code through following best practices, debugging, and improving performance. Developers are encouraged to turn on debugging, review queries, consider caching, remove deprecated code, and ask for help when needed.
Eclipse Hawk provides scalable querying of models by indexing them into graph databases. It addresses challenges of collaborative modeling on large systems by distributed teams. The Hawk API is designed for flexibility, performance, and scalability through features like multiple communication styles, efficient encodings, and paged results.
Similar to Backdoors with the MS Office file encryption master key and a proposal for a reliable file format by Mitsunari Shigeo & Yoshinari Takesako (20)
[cb22] Hayabusa Threat Hunting and Fast Forensics in Windows environments fo... - CODE BLUE
It started with computer hacking and Japanese linguistics as a kid. Zach Mathis has been based in Kobe, Japan, and has performed both red team services as well as blue team incident response and defense consultation for major global Japanese corporations since 2006. He is the founder of Yamato Security, one of the largest and most popular hands-on security communities in Japan, and has been providing free training since 2012 to help improve the local security community. Since 2016, he has been teaching security for the SANS Institute and holds numerous GIAC certifications. Currently, he is working with other Yamato Security members to provide free and open-source security tools to help security analysts with their work.
[cb22] Tales of 5G hacking by Karsten Nohl - CODE BLUE
An expert in mobile network security provided a summary of hacking 5G networks. Some key points include:
1) Standard IT security techniques uncovered issues when applied to upgraded legacy 4G networks, such as unpatched operating systems, weak configurations, and lack of encryption.
2) Future 5G networks introduce new security risks due to increased complexity from virtualization and automation layers, as well as a continuously evolving attack surface extending into cloud infrastructure.
3) Red team exercises show that hacking mobile networks has become a multi-step process, where initial access through one vulnerability can enable lateral movement and privilege escalation to compromise critical systems or customer data.
[cb22] Your Printer is not your Printer ! - Hacking Printers at Pwn2Own by A...CODE BLUE
Printer has become one of the essential devices in the corporate intranet for the past few years, and its functionalities have also increased significantly. Not only print or fax, cloud printing services like AirPrint are also being supported as well to make it easier to use. Direct printing from mobile devices is now a basic requirement in the IoT era. We also use it to print some internal business documents of the company, which makes it even more important to keep the printer safe.
Nowadays, most of the printers on the market do not have to be connected with USB or traditional cable. As long as you are using a LAN cable connected to the intranet, the computer can find and use the printer immediately. Most of them are based on protocols such as SLP and LLMNR. But is it really safe when vendors adopt those protocols? Furthermore, many printers do not use traditional Linux systems, but use RTOS(Real-Time Operating System) instead, how will this affect the attacker?
In this talk, we will use Canon ImageCLASS MF644Cdw and HP Color LaserJet Pro MFP M283fdw as case study, showing how to analyze and gain control access to the printer. We will also demonstrate how to use the vulnerabilities to achieve RCE in RTOS in unauthenticated situations.
[cb22] "The Present and Future of Coordinated Vulnerability Disclosure" Inter...CODE BLUE
While hackers have known the importance of sharing research to improve security for years, the importance of coordinated vulnerability disclosure is increasingly recognized by governments around the world. The principals of disclosure an protecting security researchers are common across borders, but different countries have some key differences. This panel will present a global perspective that may in turn inform key public policy and company behavior.
ENISA has published 'Coordinated Vulnerability Disclosure policies in the EU' in April 2022 . This report not only provides an objective introduction to the current state of coordinated vulnerability disclosure policies in the Member States of the European Union, but also introduces the operation of vulnerability disclosure in China, Japan and the USA. Based on these findings, the desirable and good practice elements of a coordinated vulnerability disclosure process are examined, followed by a discussion of the challenges and issues.
This session aims to share the contents of this report and clarify the challenges and future direction of operations in Japan, as well as national security and vulnerability handling issues in the US, in a panel discussion with representatives from various jurisdictions.
The panelists are involved in the practice of early warning partnership notified bodies in Japan, the authors of the above report in Europe and the contributors to the above report in the US.
In Japan, the issues of system awareness, incentives, increase in the number of outstanding cases in handling and so-called triage in handling vulnerabilities will be introduced.
From the United States, the Vulnerabilities Equities Process for National Security and the publication of a non-prosecution policy for vulnerability research will be introduced, as well as a historical background on the issue.
The aim is that the panel discussion will enable the audience to understand the international situation surrounding CVD, as well as future trends, in particular the important role of vulnerability in cybersecurity and the challenges faced by society around it.
[cb22] "The Present and Future of Coordinated Vulnerability Disclosure" Inter...CODE BLUE
While hackers have known the importance of sharing research to improve security for years, the importance of coordinated vulnerability disclosure is increasingly recognized by governments around the world. The principals of disclosure an protecting security researchers are common across borders, but different countries have some key differences. This panel will present a global perspective that may in turn inform key public policy and company behavior.
ENISA has published 'Coordinated Vulnerability Disclosure policies in the EU' in April 2022 . This report not only provides an objective introduction to the current state of coordinated vulnerability disclosure policies in the Member States of the European Union, but also introduces the operation of vulnerability disclosure in China, Japan and the USA. Based on these findings, the desirable and good practice elements of a coordinated vulnerability disclosure process are examined, followed by a discussion of the challenges and issues.
This session aims to share the contents of this report and clarify the challenges and future direction of operations in Japan, as well as national security and vulnerability handling issues in the US, in a panel discussion with representatives from various jurisdictions.
The panelists are involved in the practice of early warning partnership notified bodies in Japan, the authors of the above report in Europe and the contributors to the above report in the US.
In Japan, the issues of system awareness, incentives, increase in the number of outstanding cases in handling and so-called triage in handling vulnerabilities will be introduced.
From the United States, the Vulnerabilities Equities Process for National Security and the publication of a non-prosecution policy for vulnerability research will be introduced, as well as a historical background on the issue.
[cb22] ”The Present and Future of Coordinated Vulnerability Disclosure” Inte...CODE BLUE
While hackers have known the importance of sharing research to improve security for years, the importance of coordinated vulnerability disclosure is increasingly recognized by governments around the world. The principals of disclosure an protecting security researchers are common across borders, but different countries have some key differences. This panel will present a global perspective that may in turn inform key public policy and company behavior.
ENISA has published 'Coordinated Vulnerability Disclosure policies in the EU' in April 2022 . This report not only provides an objective introduction to the current state of coordinated vulnerability disclosure policies in the Member States of the European Union, but also introduces the operation of vulnerability disclosure in China, Japan and the USA. Based on these findings, the desirable and good practice elements of a coordinated vulnerability disclosure process are examined, followed by a discussion of the challenges and issues.
This session aims to share the contents of this report and clarify the challenges and future direction of operations in Japan, as well as national security and vulnerability handling issues in the US, in a panel discussion with representatives from various jurisdictions.
The panelists are involved in the practice of early warning partnership notified bodies in Japan, the authors of the above report in Europe and the contributors to the above report in the US.
In Japan, the issues of system awareness, incentives, increase in the number of outstanding cases in handling and so-called triage in handling vulnerabilities will be introduced.
From the United States, the Vulnerabilities Equities Process for National Security and the publication of a non-prosecution policy for vulnerability research will be introduced, as well as a historical background on the issue.
The aim is that the panel discussion will enable the audience to understand the international situation surrounding CVD, as well as future trends, in particular the important role of vulnerability in cybersecurity and the challenges faced by society around it.
[cb22] "The Present and Future of Coordinated Vulnerability Disclosure" Inter...CODE BLUE
While hackers have known the importance of sharing research to improve security for years, the importance of coordinated vulnerability disclosure is increasingly recognized by governments around the world. The principals of disclosure an protecting security researchers are common across borders, but different countries have some key differences. This panel will present a global perspective that may in turn inform key public policy and company behavior.
ENISA has published 'Coordinated Vulnerability Disclosure policies in the EU' in April 2022 . This report not only provides an objective introduction to the current state of coordinated vulnerability disclosure policies in the Member States of the European Union, but also introduces the operation of vulnerability disclosure in China, Japan and the USA. Based on these findings, the desirable and good practice elements of a coordinated vulnerability disclosure process are examined, followed by a discussion of the challenges and issues.
This session aims to share the contents of this report and clarify the challenges and future direction of operations in Japan, as well as national security and vulnerability handling issues in the US, in a panel discussion with representatives from various jurisdictions.
The panelists are involved in the practice of early warning partnership notified bodies in Japan, the authors of the above report in Europe and the contributors to the above report in the US.
In Japan, the issues of system awareness, incentives, increase in the number of outstanding cases in handling and so-called triage in handling vulnerabilities will be introduced.
From the United States, the Vulnerabilities Equities Process for National Security and the publication of a non-prosecution policy for vulnerability research will be introduced, as well as a historical background on the issue.
The aim is that the panel discussion will enable the audience to understand the international situation surrounding CVD, as well as future trends, in particular the important role of vulnerability in cybersecurity and the challenges faced by society around it.
[cb22] Are Embedded Devices Ready for ROP Attacks? -ROP verification for low-...CODE BLUE
Yuuma Taki is enrolled in the Hokkaido Information University Information Media Faculty of Information Media (4th year).
At university he is focusing on learning about security for lower-level components, such OS and CPU. In his third year of undergraduate school, he worked on trying to implement the OS security mechanism "KASLR", at Sechack365.
Currently, he is learning about ROP derivative technology and embedded equipment security.
[cb22] Under the hood of Wslink’s multilayered virtual machine en by Vladisla...CODE BLUE
In October 2021, we published the first analysis of Wslink – a unique loader likely linked to the Lazarus group. Most samples are packed and protected with an advanced virtual machine (VM) obfuscator; the samples contain no clear artifacts and we initially did not associate the obfuscation with a publicly known VM, but we later managed to connect it to CodeVirtualizer. This VM introduces several additional obfuscation techniques such as insertion of junk code, encoding of virtual operands, duplication of virtual opcodes, opaque predicates, merging of virtual instructions, and a nested VM.
Our presentation analyzes the internals of the VM and describes our semi automated approach to “see through” the obfuscation techniques in reasonable time. We demonstrate the approach on some bytecode from a protected sample and compare the results with a non-obfuscated sample, found subsequent to starting our analysis, confirming the method’s validity. Our solution is based on a known deobfuscation method that extracts the semantics of the virtual opcodes, using symbolic execution with simplifying rules. We further treat the bytecode chunks and some internal constructs of the VM as concrete values instead of as symbolic ones, enabling the known deobfuscation method to deal with the additional obfuscation techniques automatically.
[cb22] CloudDragon’s Credential Factory is Powering Up Its Espionage Activiti...CODE BLUE
Kimsuky is a North Korean APT possibly controlled by North Korea's Reconnaissance General Bureau. Based on reports from the Korea Internet & Security Agency (KISA) and other vendors, TeamT5 identified that Kimsuky's most active group, CloudDragon, built a workflow functioning as a "Credential Factory," collecting and exploiting these massive credentials.
The credential factory powers CloudDragon to start its espionage campaigns. CloudDragon's campaigns have aligned with DPRK's interests, targeting the organizations and key figures playing a role in the DPRK relationship. Our database suggested that CloudDragon has possibly infiltrated targets in South Korea, Japan, and the United States. Victims include think tanks, NGOs, media agencies, educational institutes, and many individuals.
CloudDragon's "Credential Factory" can be divided into three small cycles, "Daily Cycle," "Campaign Cycle," and "Post-exploit Cycle." The"Daily Cycle" can collect massive credentials and use the stolen credentials to accelerate its APT life cycle.
In the "Campaign Cycle," CloudDragon develops many new malware. While we responded to CloudDragon's incidents, we found that the actor still relied on BabyShark malware. CloudDragon once used BabyShark to deploy a new browser extension malware targeting victims' browsers. Moreover, CloudDragon is also developing a shellcode-based malware, Dust.
In the "Post-exploit Cycle," the actor relied on hacking tools rather than malicious backdoors. We also identified that the actor used remote desktop software to prevent detection.
In this presentation, we will go through some of the most significant operations conducted by CloudDragon, and more importantly, we will provide possible scenarios of future invasions for defense and detection.
[cb22] From Parroting to Echoing: The Evolution of China’s Bots-Driven Info...CODE BLUE
Social media is no doubt a critical battlefield for threat actors to launch InfoOps, especially in a critical moment such as wartime or the election season. We have seen Bot-Driven Information Operations (InfoOps, aka influence campaign) have attempted to spread disinformation, incite protests in the physical world, and doxxing against journalists.
China's Bots-Driven InfoOps, despite operating on a massive scale, are often considered to have low impact and very little organic engagement. In this talk, we will share our observations on these persistent Bots-Driven InfoOps and dissect their harmful disinformation campaigns circulated in cyberspace.
In the past, most bots-driven operations simply parroted narratives of the Chinese propaganda machine, mechanically disseminating the same propaganda and disinformation artifacts made by Chinese state media. However, recently, we saw the newly created bots turn to post artifacts in a livelier manner. They utilized various tactics, including reposting screenshots of forum posts and disguised as members of “Milk Tea Alliance,” to create a false appearance that such content is being echoed across cyberspace.
We particularly focus on an ongoing China's bots-driven InfoOps targeting Taiwan, which we dub "Operation ChinaRoot." Starting in mid-2021, the bots have been disseminating manipulated information about Taiwan's local politics and Covid-19 measures. Our further investigation has also identified the linkage between Operation ChinaRoot and other Chinese state-linked networks such as DRAGONBRIDGE and Spamouflage.
[cb22] Who is the Mal-Gopher? - Implementation and Evaluation of “gimpfuzzy”...CODE BLUE
Malwares written in Go is increasing every year. Go's cross-platform nature makes it an opportune language for attackers who wish to target multiple platforms. On the other hand, the statically linked libraries make it difficult to distinguish between user functions and libraries, making it difficult for analysts to analyze. This situation has increased the demand for Go malware classification and exploration.
In this talk, we will demonstrate the feasibility of computing similarity and classification of Go malware using a newly proposed method called gimpfuzzy. We have implemented "gimpfuzzy", which incorporates Fuzzy Hashing into the existing gimphash method. In this talk, we will verify the discrimination rate of the classification using the proposed method and confirm the validity of the proposed method by discussing some examples from the classified results. We will also discuss issues in Go-malware classification.
[cb22] Tracking the Entire Iceberg - Long-term APT Malware C2 Protocol Emulat...CODE BLUE
This document discusses the results of long-term scanning and analysis of Winnti 4.0 and ShadowPad malware command and control (C2) protocols. It finds that Winnti 4.0 C2s primarily use TLS, HTTPS, and HTTP, while ShadowPad variants primarily use TCP, HTTPS, and HTTP. Analysis of the protocols reveals encryption methods, packet structures, and server-side functionality. Over time, the number and distribution of active C2s changed, likely in response to research publications and incident response actions. The document advocates for anonymization techniques and merits and risks of future research publications.
[cb22] Fight Against Malware Development Life Cycle by Shusei Tomonaga and Yu...CODE BLUE
We are swamped with new types of malware every day. The goal of malware analysis is not to reveal every single detail of the malware. It is more important to develop tools for efficiency or introduce automation to avoid repeating the same analysis process. Therefore, malware analysts usually actively develop tools and build analysis systems. On the other hand, it costs a lot for such tool developments and system maintenance. Incident trends change daily, and malware keeps evolving. However, it is not easy to keep up with new threats. Malware analysts spend a long time maintaining their analysis systems, and it results in reducing their time for necessary analysis of new types of malware.
To solve these problems, we incorporate DevOps practices into malware analysis to reduce the cost of system maintenance by using CI/CD and Serverless. This presentation shares our experience on how CI/CD, Serverless, and other cloud technologies can be used to streamline malware analysis. Specifically, the following case studies are discussed.
* Malware C2 Monitoring
* Malware Hunting using Cloud
* YARA CI/CD system
* Malware Analysis System on Cloud
* Memory Forensic on Cloud
Through the above case studies, we will share the benefits and tips of using the cloud and show how to build a similar system using Infrastructure as Code (IaC). The audience will learn how to improve the efficiency of malware analysis and build a malware analysis system using Cloud infrastructure.
Backdoors with the MS Office file encryption master key and a proposal for a reliable file format by Mitsunari Shigeo & Yoshinari Takesako
1. Backdoors with the MS Office file
encryption master key
and a proposal for a reliable file format
2015/10/28, 29 CODE BLUE
Mitsunari Shigeo(@herumi)
2. • Attacking Excel files without a password
• This bug was fixed on 2015/Oct/13 (MS15-110)
• Comparison of password encrypted file formats
• How I found this bug
• Proposal for a backdoor-resistant format
Abstract
2/54
3. • R&D for cloud security and infrastructure at Cybozu Labs, Inc.
• Author of "Applied Cryptography for the Cloud" (in Japanese)
• about PFS, ECC, IBE, ABE, FE, HE, ZKP,...
• http://herumi.github.io/ango/
• Microsoft MVP Developer Security (2015)
• Author of the fastest implementation of pairing
• https://github.com/herumi/ate-pairing
• Software implementation of an Attribute-Based Encryption Scheme, IEEE Trans. on Computers, 2014
Mitsunari Shigeo(@herumi)
3/54
4. • Technical Fellow at Recruit Marketing Partners
• Visiting associate professor at Kochi National College of Technology
• Review board for CODE BLUE
• OWASP Japan advisory board
• Chairperson of SECCON CTF
• Leader of Shibuya Perl Mongers
• Microsoft MVP Developer Security in 2008
• Author of "How to Execute Arbitrary Code on x86 JIT Compilers"
• Translator of "Reading ECMA-262 Edition 5.1" (2013)
• Best award of CSSx2.0 at "Computer Security Symposium 2013"
Takesako Yoshinori (@takesako)
4/54
5. • Comparison of password encrypted file formats
• Demo
• Situations
• MS Office file format
• How I found this bug
• Proposal for a backdoor-resistant format
Agenda
5/54
6. • Comparison of password encrypted file formats
• Password encryption
• Introduction to attack tools
• Comparison of attack time
• Demo
• Situations
• MS Office file format
• How I found this bug
• Proposal for a backdoor-resistant format
Agenda
6/54
7. • The very basic way
• input : $pass$ : password, $m$ : message
1. $S_K = \mathrm{Hash}(pass)$
2. $c = \mathrm{Enc}(S_K, m)$
3. output : $c$
• Vulnerable
• The same password always generates the same $S_K$.
Encrypted file with password
[Diagram: pass → Hash → S_K; m and S_K → Enc → encrypted m; annotation: "depends on only pass"]
7/54
8. • Password attack tool
• http://hashcat.net/oclhashcat/
• GPGPU based very fast engine
hashcat
8/54
9. • Number of attempts per second
• SHA1 : $4.2 \times 10^{10}$ times/sec on 8x NVidia Titan X
• SHA512 : $5.2 \times 10^{9}$ times/sec
• Time to detect password from $\mathrm{Hash}$ value
• $pass$ : assume [a-zA-Z0-9]; 62 letters
• $62^8 / (4.2 \times 10^{10})$ = 1h27m to try all patterns for SHA1
Performance of hashcat
9/54
10. • Add salt
1. generate $salt$ randomly
2. $S_K = \mathrm{Hash}(salt, pass)$
3. $iv$ : Initialization Vector
4. $c = \mathrm{Enc}(iv, S_K, m)$
• Even the same password generates different $S_K$
• $\mathrm{Hash}(salt_1 + \text{'abc'}) \neq \mathrm{Hash}(salt_2 + \text{'abc'})$
• Stronger against rainbow table attacks
More secure file formats
[Diagram: pass and salt → Hash → S_K; iv, S_K and m → Enc → encrypted m]
10/54
11. • Iterate the hash function many times
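• $d_1 = \mathrm{HMAC}(\mathit{pass}, \mathit{salt})$
• $n$ is iteration count
• for $i = 1$ to $n - 1$:
• $d_{i+1} = \mathrm{HMAC}(d_i, \mathit{salt})$
• Decrease attack ability to $1/n$
• PKCS#5 (RFC 2898)
• Password-Based Cryptography Specification
• PBKDF2 (password-based key derivation function)
• used by ZIP format, etc.
Key stretching
[Diagram: chained HMAC boxes fed by $\mathit{pass}$ and $\mathit{salt}$, producing $d_i$ and then $d_{i+1}$ over $n$ iterations; $S_K = d_1 \oplus d_2 \oplus \cdots$]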
11/54
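The key-stretching recurrence from this slide, written out for PBKDF2 as an added example (not code from the slides or from msoffice-crypt). RFC 2898 keys every HMAC call with the password and feeds the previous $d_i$ in as the message, with a block counter appended to the salt for $d_1$; the function names and the sample salt are assumptions of this example.

```python
import hashlib
import hmac

def stretch_block(password: bytes, salt: bytes, n: int,
                  block: int = 1, digest: str = "sha1") -> bytes:
    """One PBKDF2 output block: S_K = d_1 xor d_2 xor ... xor d_n."""
    # d_1 = HMAC(pass, salt || INT(block)); the counter separates output blocks.
    d = hmac.new(password, salt + block.to_bytes(4, "big"), digest).digest()
    acc = int.from_bytes(d, "big")
    for _ in range(n - 1):
        # d_{i+1} = HMAC(pass, d_i): every step needs the previous one,
        # so each password guess costs the attacker n HMAC calls.
        d = hmac.new(password, d, digest).digest()
        acc ^= int.from_bytes(d, "big")
    return acc.to_bytes(len(d), "big")

def derive_key(password: bytes, salt: bytes, n: int, length: int,
               digest: str = "sha1") -> bytes:
    """Concatenate blocks 1, 2, ... until `length` bytes are available."""
    out = b""
    block = 1
    while len(out) < length:
        out += stretch_block(password, salt, n, block, digest)
        block += 1
    return out[:length]

if __name__ == "__main__":
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
    key = derive_key(b"test", salt, 1000, 32)
    # The hand-written recurrence must agree with the library implementation.
    assert key == hashlib.pbkdf2_hmac("sha1", b"test", salt, 1000, 32)
    print(key.hex())
```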
12. • Another password recovery tool
• http://passcovery.com/
Passcovery
12/54
13. • Brute-force attack time against 8-byte password
• by Passcovery on GeForce GTX860M 1019MHz
• Office 2013 docx format is strong
• Recently, memory-hard functions are recommended
• Argon2 is the winner of the Password Hashing Competition on 2015/Jul/20
Compare attack time
| File format | # of tries/sec | hash stretching | attack time |
|---|---|---|---|
| ZIP(96-bit) | 230000000 | none | 10 days |
| Office2003 doc | 11000000 | ? | 220 days |
| ZIP(256-bit AES) | 370000 | 1000 x HMAC SHA1 | 18 years |
| Office2007 docx | 16000 | 50000 x SHA1 | 430 years |
| Office2010 docx | 8100 | 100000 x SHA1 | 854 years |
| Office2013 docx | 337 | 100000 x SHA512 | 20000 years |
13/54
14. • Comparison of password encrypted file formats
• Demo
• MS Office file format
• Secret key generator of the MS Office file format
• Introduction of my tool
• Demo
• Situations
• MS Office file format
• How I found this bug
• Proposal for a backdoor-resistant format
Agenda
14/54
17. • Use two kinds of secret key
• $H$ : the above iterated hash function
1. generate $s$ from $\mathit{pass}$ and $\mathit{salt}$
2. generate $S_K$ and encrypt it by $s$
3. encrypt $m$ by $S_K$
• I will explain later
• two keys for key escrow
• Administrator can decrypt if password is lost
• encrypt $S_K$ with public key of Administrator in advance
MS Office Agile format
[Diagram: ($\mathit{pass}$, $\mathit{salt}$) → $H$ → $s$; $S_K$ → Enc by $s$ → encrypted $S_K$; $m$ → Enc by $S_K$ → encrypted $m$]
17/54
18. • https://github.com/herumi/msoffice/
• My tool to encrypt/decrypt MS Office files
• Supports Windows/Linux
• Supports OpenXML of Office 2007~
• Supports Agile format of Office 2010~
• LibreOffice does not support the format yet
• Configurable secret key for Agile format
• Configurable iteration count for stretching
msoffice-crypt
18/54
20. • encrypt with password "test"
msoffice-crypt -e plain.xlsx enc.xlsx -p test
• decrypt with password "test"
msoffice-crypt -d enc.xlsx dec.xlsx -p test
• attack without password
• decrypt easy.xlsx with "test" and get $S_K$
• attack complex.xlsx by $S_K$ without password
msoffice-crypt -d complex.xlsx -by easy.xlsx -p test
Usage
20/54
21. • Comparison of password encrypted file formats
• Demo
• Situations
• What happened?
• Some scenarios
• MS Office file format
• How I found this bug
• Proposal for a backdoor-resistant format
Agenda
21/54
22. • Excel 2010/2013 does not update the secret key in the file when the password is changed (bug).
What happened?
• We can attack them with this one secret key.
[Diagram: a master file with pass is saved ("save as...") as files with pass1, pass2 and pass3; all of them have the same secret key]
22/54
23. • At HR
• prepares a master Excel file
• writes a pay slip into the file, changes the password, sends it to staff
Scenario 1 (pay slip delivery)
[Diagram labels: HR; master file with pass; can attack other files]
23/54
24. • Owner
• A master Excel file encrypted with an easy pass
• Modify it and make an important file with strong pass
• Attacker
• Brute-force attack against easy pass and attack important file
Scenario 2 (lost PC)
[Diagram labels: PC; brute-force attack to easy pass; write secret info.; save it with strong pass; can attack this]
24/54
25. • Comparison of password encrypted file formats
• Demo
• Situations
• MS Office file format
• Detail of MS Office file encryption structure
• Relation between password and secret key
• How I found this bug
• Proposal for a backdoor-resistant format
Agenda
25/54
26. • Old format and new format
• The MS OLE2 header is "D0 CF 11 E0"
MS Office file encryption details
| Office file type | Format |
|---|---|
| doc, ppt, xls (old Office files) | MS OLE2 |
| plain docx, pptx, xlsx | ZIP file of Open XML files |
| encrypted docx, pptx, xlsx | MS OLE2 including a header and an encrypted ZIP file |
[Diagram: ZIP files (Open XML) are encrypted with AES into Enc(ZIP files); the header is not encrypted, Enc(ZIP files) is encrypted]
26/54
27. • There is a directory structure in one file
Layout of encrypted docx
root/
  EncryptionPackage    (encrypted main ZIP file)
  EncryptionInfo       (encryption information)
  DataSpaces/          (not used)
    Version
    DataSpaceMap
    Transformation/
      StrongEncryptionTransform/
        Primary
    DataSpaceInfo/
      StrongEncryptionDataSpace
27/54
28. • Standard encryption (~Office 2007)
• binary format
• supports only SHA-1
• spinCount(=# of iteration) is fixed to 50000
• Agile encryption (Office 2010~)
• XmlEncryptionDescriptor
• supports SHA-1, SHA256, etc.
• variable spinCount
Version of EncryptionInfo
28/54
30. Dependency of variables in encryption
[Diagram labels: password → hash; generated values: encryptedKey.saltValue, keyData.saltValue, secretKey, verifierHashInput (hashed to verifierHashValue), HmacKey; stored fields: encryptedVerifierHashInput, encryptedVerifierHashValue, encryptedKeyValue, encryptedHmacKey, encryptedHmacValue; ZIP file → Enc(ZIP file) = EncryptionPackage]
30/54
34. • Comparison of password encrypted file formats
• Demo
• Situations
• MS Office file format
• How I found this bug
• Motivation
• CSPRG
• Example of known backdoor
• Hooking into MS Office's secret key generator
• Proposal for a backdoor-resistant format
Agenda
34/54
35. • Normal encryptor
• main part to encrypt $m$
• You cannot decrypt $(\mathit{salt}, c)$ without $S_K$
• We can make a backdoor if the generator of $S_K$ is controlled.
Motivation
[Diagram: $m$ → encryptor (generate $\mathit{salt}$ randomly; generate $S_K$ randomly; $c = \mathrm{Enc}(S_K, \mathit{salt}, m)$) → $(\mathit{salt}, c)$]
35/54
36. • Malicious (having backdoor) encryptor
• Malicious Eve prepares a master secret key $X$
• Eve embeds $X$ into an encryptor
• Eve can get $S_K = H(X, \mathit{salt})$ by $X$ then decrypt it
• You cannot notice that $(\mathit{salt}, c)$ has a backdoor
An example of controlled $S_K$
[Diagram: $m$ → encryptor (generate $\mathit{salt}$ randomly; $S_K = H(X, \mathit{salt})$; $c = \mathrm{Enc}$ of $m$ by $(\mathit{salt}, S_K)$) → $(\mathit{salt}, c)$; Eve holds $X$ and obtains $S_K$]
36/54
37. • 5 p.m. on Friday,
Make a proof of concept for MS Office
"Hi Mitsunari, could you hook into the random generator of MS Office?"
"I'll try it. By when do you need it?"
"Coming Monday."
"..."
37/54
38. • PRG(Pseudo Random Generator)
• used for game and simulation
• MT(Mersenne Twister) is popular
• CSPRG(Cryptographically Secure PRG)
• Nobody should be able to predict next bit
from previous bits
• used for secret key generator
• MT is not CSPRG
• internal state is determined by 624 x 4-byte outputs
CSPRG
[Diagram: known previous bits 0 1 0 0 1 1 1 0 1 from the CSPRG; next bit: ?]
38/54
39. • I strongly discourage you from implementing
your own CSPRG
• Use CSPRG provided by system vendor instead
• /dev/urandom on Linux
• non blocking device for CSPRG
• entropy from mouse, keyboard, disk I/O and interrupts
Example of CSPRG
39/54
40. • Intel hardware CSPRG instruction
• Meets the NIST SP 800-90A standard
• Uses an on-chip non-deterministic entropy source
• Easy to use
• Difficult to use it safely
• Retry limit should be employed to prevent a busy loop
(extremely rare)
rdrand
// uint64_t getRand();
getRand:
.lp:
rdrand rax // store random number in rax
jnc .lp // retry if failure (rare)
ret
40/54
41. • The output of /dev/urandom becomes fixed when only rdrand is modified (kernel 3.8.13, by Taylor Hornby)
• rdrand() { return [edx] ^ 0x41414141; }
• Combine other entropy sources to avoid having a single point of failure
If rdrand has a backdoor?
41/54
42. • CSPRG of Microsoft CryptoAPI
• Used to generate salt and secret key
• Hook this function
• I expected that MS Office calls this to make a secret key
• If my hooked CryptGenRandom always returns fixed bytes, then the secret key may be fixed.
• First, I tried my (very old) DLL injection library
• Did not work as expected due to ASLR
CryptGenRandom()
42/54
43. • A library to hook Win32 APIs by MS Research
• http://research.microsoft.com/en-us/projects/detours/
• 64-bit version costs $9,999.95 (32-bit version is free)
• Usage
• Source code of dll to hook
Detours library (1/2)
BOOL HookCryptGenRandom(HCRYPTPROV, DWORD len, BYTE *p) {
    memset(p, 'a', len); // fill the buffer with fixed bytes instead of random ones
    return TRUE;
}
BOOL DllMain(HINSTANCE, DWORD reason, LPVOID) {
    if (reason == DLL_PROCESS_ATTACH) {
        // CryptGenRandom is exported by advapi32.dll
        orgFunc = DetourFindFunction("advapi32.dll", "CryptGenRandom");
        DetourAttach(&orgFunc, HookCryptGenRandom);
        ...
43/54
44. • test.exe
• Run test.exe with withdll.exe in Detours
• CryptGenRandom is now hooked!
• But, the function is not called by MS Office...
Detours library (2/2)
int main() {
    RandomGenerator rg; // wrapper of CryptGenRandom()
    for (int i = 0; i < 3; i++) printf("%08x\n", rg.get32());
}
>test.exe
812e1af0 // random
ad990e76
865cb964
>withdll.exe /d:hook.dll test.exe
61616161 // "aaaa"
61616161
61616161
44/54
45. • Run Excel on debugger, see loaded DLLs
• I found rsaenh.dll
Trial and error (1/3)
45/54
46. • Extract symbols of rsaenh.dll
• dumpbin /exports rsaenh.dll
• What is CPGenRandom?
Trial and error (2/3)
ordinal hint RVA name
1 0 0000230C CPAcquireContext
2 1 00003A80 CPCreateHash
3 2 0001CC1C CPDecrypt
4 3 0001DBC8 CPDeriveKey
...
11 A 00009A80 CPGenKey
12 B 00001D3C CPGenRandom
46/54
47. • CPxxx functions are obsolete
• CPxxx is renamed to Cryptxxx
• CPxxx is called from Cryptxxx
• Cryptxxx is hooked automatically if CPxxx is hooked
• Excel calls CPGenRandom
• Excel seems to generate secret key!
• However,
Trial and error (3/3)
>msoffice-crypt -psk easy.xlsx -p test
...
secretKey = 8BBE31319EA4CAB9F...33013EB8853F8C6A7F5
>msoffice-crypt -psk complex.xlsx -p testtest
...
secretKey = 8BBE31319EA4CAB9F...33013EB8853F8C6A7F5
47/54
48. • Excel generates the same secret key even without the hook
• MS Office Word and PowerPoint generate different keys
• Only Excel has the bug
• About hooking CPGenRandom
• This hook was not enough to take control over the generator
• Hooking timer functions was still not enough
• Details are unknown because no further investigation was made
It is a bug of Excel
48/54
49. • Comparison of password encrypted file formats
• Demo
• Situations
• MS Office file format
• How I found this bug
• Proposal for a backdoor-resistant format
• Check your Excel files
• Improved format
Agenda
49/54
50. • This bug was fixed on 2015/Oct/13 (MS15-110)
• But files that were already generated are not fixed
• Verify the secret keys in your files with msoffice-crypt
• Re-encrypt files if you find the same secret keys
Check your Excel files
50/54
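The check recommended on this slide, modelled on the two-key layout from the Agile-format slide, as an added example (not msoffice-crypt's code and not the real file format). The function names, the XOR wrap standing in for AES, the toy spin count and the sample files are all assumptions of this example.

```python
import hashlib
import hmac
import os
from collections import defaultdict

def kek(password: str, salt: bytes) -> bytes:
    # s = H(pass, salt); toy spin count, far below the 100000 used by Office 2010+
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, 1000, 32)

def xor32(key: bytes, block: bytes) -> bytes:
    # Stand-in for "Enc by s" on one 32-byte block (real files use AES).
    pad = hashlib.sha256(b"wrap" + key).digest()
    return bytes(a ^ b for a, b in zip(block, pad))

def protect(password: str, secret_key: bytes = None) -> dict:
    """Header of a toy two-key file: salt, wrapped S_K and a verifier."""
    salt = os.urandom(16)
    sk = secret_key if secret_key is not None else os.urandom(32)
    return {"salt": salt,
            "wrapped": xor32(kek(password, salt), sk),
            "verifier": hmac.new(sk, b"verifier", "sha256").digest()}

def secret_key_of(header: dict, password: str) -> bytes:
    sk = xor32(kek(password, header["salt"]), header["wrapped"])
    check = hmac.new(sk, b"verifier", "sha256").digest()
    if not hmac.compare_digest(check, header["verifier"]):
        raise ValueError("wrong password")
    return sk

def change_password_buggy(header: dict, old: str, new: str) -> dict:
    # Models the Excel 2010/2013 behaviour: new password, same S_K.
    return protect(new, secret_key_of(header, old))

def shared_key_groups(files: dict) -> list:
    """files: name -> (header, password). Returns groups sharing one S_K."""
    groups = defaultdict(list)
    for name, (header, password) in files.items():
        fingerprint = hashlib.sha256(secret_key_of(header, password)).hexdigest()
        groups[fingerprint].append(name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def build_sample() -> dict:
    master = protect("test")                      # constructed sample files
    files = {"master.xlsx": (master, "test")}
    for staff, pw in [("alice", "Vq8#kL2p"), ("bob", "m3Zt!x9R")]:
        files[staff + ".xlsx"] = (change_password_buggy(master, "test", pw), pw)
    files["fresh.xlsx"] = (protect("another-pass"), "another-pass")
    return files
```

`shared_key_groups(build_sample())` reports master.xlsx, alice.xlsx and bob.xlsx as one group; re-encrypting a file with a fresh secret key removes it from the group. With real files, the secret keys to compare come from `msoffice-crypt -psk <file> -p <password>` as shown earlier.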
51. • What is a reliable format?
• MS Office format is secure enough,
but it is difficult to prove no backdoor exists in the file
• The problem generally exists for tools provided in binary
• (again) malicious encryptor
• We want a format that is provably secure against
the backdoor
Future work
[Diagram: $m$ → blackbox encryptor → $(\mathit{salt}, c)$, $S_K$]
$\mathit{salt}$ : random number
$X$ : master secret key in the encryptor
$S_K$ : $H(\mathit{salt}, X)$
Eve gets $S_K$ by $(\mathit{salt}, X)$
51/54
53. • For a person who knows only $(\mathit{salt}, c)$
• same difficulty as previous formats
• For Eve
• same difficulty as the attack against KDF to get $\mathit{pass}$ from $\mathit{salt}$ when $r_0$ is known
• Detection of maliciousness is easy if $r_0$ is fixed
• seems to be safe if all $r_0$ are different from each other when 10000 times encrypted
• then, the attack is 10000 times harder for Eve
Difficulty of the proposed format
[Diagram labels: $\mathit{pass}$, $r_0$, $r_1$, $H$, $H$, $\mathit{salt}$, $S_K$, $m$, Enc, encrypted $m$]
53/54
54. • Excel files can be attacked through their secret
key without knowing the pass
• It is a bug of Excel and is fixed
• Proposal for a backdoor-resistant format
• It can be applied to general password based encrypted
file formats
Conclusion
54/54