This document is a presentation about a crackme called Hackito Ergo Sum. It discusses the various techniques used to protect the crackme, including a verification algorithm using RC4 encryption, instruction mutation, control flow graph obfuscation, encryption layers, direct native API calls, anti-debugging methods, and ways attackers could potentially break it such as bruteforcing the encryption key or reversing the encryption algorithm. The presentation concludes by thanking the audience and opening the floor for questions.
Verification of Security for Untrusted Third Party IP Cores - IRJET Journal
This document proposes a technique to formally verify third-party IP cores for hardware Trojans that leak sensitive information. It begins with background on the threat of untrusted third parties inserting Trojans, and limitations of existing detection techniques. The proposed technique uses bounded model checking to check if the IP core violates the property "does not leak any sensitive information". If a violation is found, the model checker generates an input sequence that triggers the Trojan. The document motivates the technique with an example AES Trojan, and refines the property checked to make it computationally feasible for large key sizes. Formalizing Trojan detection as a property checking problem allows exhaustive verification of IP cores for information-leaking Trojans.
This document discusses an approach for automatically verifying loop invariants generated by other tools. It presents a constraint-based technique that can quickly filter out spurious invariants by attempting to prove or disprove candidates using a bounded model checker. An evaluation on classical programs showed the approach could validate correct invariants and refute spurious ones in under a minute for most cases tested.
This document summarizes a presentation on using cell-aware fault models for ATPG testing. It discusses previous work on improving defect coverage using EMD and cell-aware methodologies. The presentation introduces a new cell-aware methodology that uses layout extraction and analog fault simulation to generate additional cell-internal defects for the fault model. It shows results on a 32nm design demonstrating improved slow-speed and at-speed defect coverage from 1.66% to 0.81% through targeting these additional cell-aware defects. The methodology was validated through an AMD experimental test that matched predicted coverage gains to actual production results.
HES2011 - Sebastien Tricaud - Capture me if you can - Hackito Ergo Sum
The document discusses techniques for capturing network traffic and system logs to detect security incidents in large networks. It describes how to capture traffic using libpcap, nfqueue, and DAQ. It also discusses challenges like fragmentation and the need to decode protocols. For logs, it highlights weaknesses like signature-based detection and the importance of normalized, unconfigurable logs. It introduces CUDA and NetGPU for GPU-accelerated traffic processing and visualization tools like SecViz and Circos for analyzing large datasets. The conclusion emphasizes that visualization can help solve the problem of events getting lost in noise and overcome technical limitations of current detection approaches.
HES2011 - joernchen - Ruby on Rails from a Code Auditor Perspective - Hackito Ergo Sum
This document provides an overview of Ruby on Rails (RoR) from a code auditor's perspective. It discusses the MVC architecture that RoR uses and describes where the different components (model, view, controller) are typically located in a RoR application. It also discusses common things to look for when reviewing RoR code like user input validation, filters, migrations and more. Specific examples of issues found in Redmine and another open source project are also provided like a persistent XSS issue and information leak.
HES2011 - Gabriel Gonzalez - Man In Remote PKCS11 for fun and non profit - Hackito Ergo Sum
This document discusses remotely using the Spanish National Electronic ID (DNIe) and potential attacks. It provides an introduction to the DNIe and describes a "Man in the Remote" (MiR) attack where an attacker is able to remotely access and use the functionalities of a DNIe card plugged into a different computer. It demonstrates how the attacker could achieve remote authentication and signing. It also discusses some potential solutions to prevent MiR attacks based on analyzing response times.
HES2011 - Jon Oberheide and Dan Rosenberg - Stackjacking - Hackito Ergo Sum
This document discusses bypassing security protections provided by the grsecurity and PaX patchsets on Linux kernels. It begins with an introduction and agenda, then provides background on Linux kernel security issues over the past decade. The presentation notes that an arbitrary kernel write is a common exploitation primitive, but that this is insufficient to escalate privileges when protections like grsecurity/PaX are in place. It then introduces the concept of "stackjacking", where an attacker leverages kernel stack memory disclosures, which are common low severity vulnerabilities, along with an arbitrary kernel write to bypass grsecurity/PaX protections without needing to introduce new code or modify control flow.
HES2011 - Aaron Portnoy and Logan Brown - Black Box Auditing Adobe Shockwave - Hackito Ergo Sum
This document summarizes an approach to auditing the Adobe Shockwave file format and verifying vulnerabilities. It describes how the authors:
1) Encountered difficulties reversing the Shockwave memory manager using traditional debugging tools.
2) Developed a technique using dynamic binary instrumentation to hook the Shockwave file read function and search read buffers for fuzzed file data.
3) Further refined their approach by directly hooking the file read function in MSVCR71.dll, allowing the technique to be reused for other projects.
2012 B-Sides and ToorCon Talk Offensive Defense
Blog Post - http://blog.ioactive.com/2013/01/offensive-defense.html
Cyber-criminals have had back-end infrastructures equivalent to Virus Total to test if malware and exploits are effective against AV scanners for many years, thus showing that attackers are proactively avoiding detection when building malware. In this day and age, malicious binaries are generated on demand by server-side kits when a victim visits a malicious web page, making reliance solely on hash-based solutions inadequate. In the last 15 years detection techniques have evolved in an attempt to keep up with attack trends. In the last few years security companies have looked for supplemental solutions such as the use of machine learning to detect and mitigate attacks against cyber criminals. Let's not pretend attackers can't bypass each and every detection technique currently deployed. Join me as I present and review current detection methods found in most host and network security solutions found today. We will re-review the defense in depth strategy while keeping in mind that a solid security strategy consists of forcing an attacker to spend as much time and effort while needing to know a variety of skills and technologies in order to successfully pull off the attack. In the end I hope to convince you that thinking defensively requires thinking offensively.
The document outlines an introduction to integer overflows, automated detection of integer overflows, and a conclusion. It discusses integer overflows in binary representation, how small negative integers can be misinterpreted as large integers leading to vulnerabilities, and analyzing binary code statically to detect dangerous patterns and data dependencies that could indicate integer overflows.
The document discusses intrusion alert correlation. It defines key terms like correlation, event, alert, and alert correlation. It outlines that the goals of correlation are to address weaknesses in individual intrusion detection systems like alert flooding, lack of context, and false positives/negatives. The main steps of the correlation process include alert collection, normalization, aggregation, verification, and producing high-level alert structures. Specific correlation techniques are also discussed.
The document discusses do-it-yourself security audits for PHP applications. It recommends focusing audits on high risk areas by analyzing data flows for STRIDE risks like spoofing, tampering, and information disclosure. The document outlines tools and techniques for analyzing things like SQL injections, code executions, input validation, and cross-site scripting vulnerabilities. It recommends using input flow analysis or checking critical functions and output escaping to efficiently audit applications. While tools can assist, thorough manual code reviews are still needed to identify security issues.
Dmitriy Evdokimov. Light and dark side of code instrumentation - Yury Chemerkin
This document discusses code instrumentation techniques. It begins by introducing the speaker and defining instrumentation as adding extra code to a program or environment for monitoring or changing program behavior. It then covers various uses of instrumentation including debugging, testing, profiling, and security applications like malware analysis. The document categorizes instrumentation approaches as static, load-time, or dynamic depending on when the instrumentation is applied. It provides examples of instrumentation for different programming languages and environments like Java, .NET, and ActionScript.
The document discusses the current and future states of automated malware generation and malware defense techniques. It describes how malware distribution networks currently work and trends showing rising malware samples. The future of malware defense is proposed to apply more machine learning and statistical techniques to model malware behaviors and attributes in order to handle growing sample volumes. This would involve training machine learning classifiers on features identified by human experts to classify and cluster malware more effectively.
This document describes a private course on vulnerability development. The course covers topics like buffer overflows, shellcode, exploits, stack and heap overflows. It aims to help students learn about hacking and computer security, and move from being script kiddies to advanced hackers through hands-on penetration testing and writing their own exploits and Metasploit modules.
Enterprise Security API (ESAPI) Java - Java User Group San Antonio - Denim Group
ESAPI (Enterprise Security API) is a free and open source library that makes it easier for developers to implement common security controls in web applications. It provides interfaces and reference implementations for controls like input validation, output encoding, authentication, and more. Developers can use the standard implementations or customize them for their applications. ESAPI is available for several programming languages and helps developers address common vulnerabilities.
HES 2011 - Gal Diskin - Binary instrumentation for hackers - Lightning-talk - Hackito Ergo Sum
This document summarizes a lightning talk presentation about binary instrumentation using Intel's Pin tool. It introduces Pin as a dynamic binary instrumentation tool that can insert code into programs at runtime. It then discusses several applications of Pin like performance profiling, security tools for sandboxing and reversing, and academic uses. The document provides examples of using Pin APIs and also lists some alternative dynamic instrumentation engines. It encourages the audience to start using Pin and sharing tools they create with the community.
HES2011 - Jon Larimer - Autorun Vulnerabilities on Linux - Hackito Ergo Sum
This document discusses potential vulnerabilities related to autorun functionality and removable storage devices like USB drives on Linux systems. It notes that while Linux desktop environments don't automatically run scripts from removable devices, vulnerabilities could still exist in drivers and applications that handle connecting and accessing such devices. Specific vulnerabilities are identified in USB drivers, file system drivers, thumbnail generation applications, and external thumbnailer programs. Exploiting these could allow gaining root access or defeating full disk encryption from physical access to a system.
HES2011 - James Oakley and Sergey Bratus - Exploiting the Hard-Working DWARF - Hackito Ergo Sum
The document describes how DWARF bytecode, included in GCC-compiled binaries to support exception handling, can be exploited to insert trojan payloads. DWARF bytecode interpreters are included in the standard C++ runtime and are Turing-complete, allowing the bytecode to perform arbitrary computations by influencing program flow. A demonstration shows how DWARF bytecode can be used to hijack exceptions and execute malicious payloads without requiring native code.
HES2011 - Raoul Chiesa - Hackers Cybercriminals from Wargames to the Undergr... - Hackito Ergo Sum
This document provides a summary of a presentation by Raoul Chiesa on cybercrime trends from the past to present. It discusses how hacking has evolved from curiosity-driven activities by bored teens to profit-motivated crimes by adults. Reasons for the rise of cybercrime include the increasing number of internet users and victims, economic incentives, availability of hacking tools, recruitment of inexperienced people, and lack of consequences. The presentation also notes how media portrayal has changed perceptions of who hackers are.
HES2011 - Richard Johnson - A Castle Made of Sand Adobe Reader X Sandbox - Hackito Ergo Sum
The document discusses Adobe Reader's use of sandboxing to improve security. It provides background on past vulnerabilities in Adobe Reader and discusses the architecture of the Adobe Reader X sandbox. The sandbox isolates rendering code in a lower privileged process and uses a higher privileged broker process to validate and fulfill requests for system resources according to internal policy. The document outlines how to analyze the sandbox's security mechanisms, such as by determining the rights of processes, auditing the IPC mechanisms, and fuzzing the resource request validation.
HES2011 - Tarjei Mandt – Kernel Pool Exploitation on Windows 7 - Hackito Ergo Sum
This document discusses kernel pool exploitation on Windows 7. It begins with an introduction and overview of the kernel pool and its internals such as pool descriptors, free lists, and lookaside lists. It then covers attacks on the kernel pool and ways to harden it against exploitation, such as by modifying pool structures.
HES2011 - Yuval Vadim Polevoy – Money Is In The Eye Of The Beholder: New And ... - Hackito Ergo Sum
The document discusses new and evolving ways that criminals steal money through digital means. It outlines how criminal operations have become more sophisticated and business-like, moving from individual hackers to organized underground companies. It describes various technical methods that are used, such as phishing, pharming, malware injections, and man-in-the-browser attacks to steal login credentials and hijack financial transactions. It also discusses how criminal groups set up complex international operations using mules, drop points, and covert channels to launder and cash out the stolen money without being detected. The document warns that security measures are catching up, but that criminals will continue adapting their methods, such as through screen scraping or new types of online games involving money.
The document discusses how software can be used to damage hardware through various techniques like overclocking, overvolting, overheating, and firmware flashing. It provides examples of how components like CPUs, RAM, graphics cards, hard drives, and BIOS can be permanently damaged by exploiting their software interfaces. The goal could be industrial espionage, terrorism, or other malicious motives like destroying a commercial rival's operations through an act of industrial cyber warfare.
Must Know Postgres Extension for DBA and Developer during Migration - Mydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdf - leebarnesutopia
So… you want to become a Test Automation Engineer (or hire and develop one)? While there’s quite a bit of information available about important technical and tool skills to master, there’s not enough discussion around the path to becoming an effective Test Automation Engineer that knows how to add VALUE. In my experience this has led to a proliferation of engineers who are proficient with tools and building frameworks but have skill and knowledge gaps, especially in software testing, that reduce the value they deliver with test automation.
In this talk, Lee will share his lessons learned from over 30 years of working with, and mentoring, hundreds of Test Automation Engineers. Whether you’re looking to get started in test automation or just want to improve your trade, this talk will give you a solid foundation and roadmap for ensuring your test automation efforts continuously add value. This talk is equally valuable for both aspiring Test Automation Engineers and those managing them! All attendees will take away a set of key foundational knowledge and a high-level learning path for leveling up test automation skills and ensuring they add value to their organizations.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an... - Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Similar to HES2011 - Eloi Vanderbeken - Hackito Ergo Sum Crackme
The document discusses how software can be used to damage hardware through various techniques like overclocking, overvolting, overheating, and firmware flashing. It provides examples of how components like CPUs, RAM, graphics cards, hard drives, and BIOS can be permanently damaged by exploiting their software interfaces. The goal could be industrial espionage, terrorism, or other malicious motives like destroying a commercial rival's operations through an act of industrial cyber warfare.
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
Lee Barnes - Path to Becoming an Effective Test Automation Engineer.pdfleebarnesutopia
So… you want to become a Test Automation Engineer (or hire and develop one)? While there’s quite a bit of information available about important technical and tool skills to master, there’s not enough discussion around the path to becoming an effective Test Automation Engineer that knows how to add VALUE. In my experience this had led to a proliferation of engineers who are proficient with tools and building frameworks but have skill and knowledge gaps, especially in software testing, that reduce the value they deliver with test automation.
In this talk, Lee will share his lessons learned from over 30 years of working with, and mentoring, hundreds of Test Automation Engineers. Whether you’re looking to get started in test automation or just want to improve your trade, this talk will give you a solid foundation and roadmap for ensuring your test automation efforts continuously add value. This talk is equally valuable for both aspiring Test Automation Engineers and those managing them! All attendees will take away a set of key foundational knowledge and a high-level learning path for leveling up test automation skills and ensuring they add value to their organizations.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
From Natural Language to Structured Solr Queries using LLMsSease
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
ScyllaDB is making a major architecture shift. We’re moving from vNode replication to tablets – fragments of tables that are distributed independently, enabling dynamic data distribution and extreme elasticity. In this keynote, ScyllaDB co-founder and CTO Avi Kivity explains the reason for this shift, provides a look at the implementation and roadmap, and shares how this shift benefits ScyllaDB users.
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...AlexanderRichford
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation Functions to Prevent Interaction with Malicious QR Codes.
Aim of the Study: The goal of this research was to develop a robust hybrid approach for identifying malicious and insecure URLs derived from QR codes, ensuring safe interactions.
This is achieved through:
Machine Learning Model: Predicts the likelihood of a URL being malicious.
Security Validation Functions: Ensures the derived URL has a valid certificate and proper URL format.
This innovative blend of technology aims to enhance cybersecurity measures and protect users from potential threats hidden within QR codes 🖥 🔒
This study was my first introduction to using ML which has shown me the immense potential of ML in creating more secure digital environments!
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
"What does it really mean for your system to be available, or how to define w...Fwdays
We will talk about system monitoring from a few different angles. We will start by covering the basics, then discuss SLOs, how to define them, and why understanding the business well is crucial for success in this exercise.
"What does it really mean for your system to be available, or how to define w...
HES2011 - Eloi Vanderbeken - Hackito Ergo Sum Crackme
1. Introduction
Verification algorithm
Obfuscation
Encryption layers
Direct native API call
Anti-X
How to break it
Possible evolutions
Hackito Ergo Sum Crackme
Éloi Vanderbéken
eloi.vanderbeken (at) ens-cachan.fr
09 April 2011
Éloi Vanderbéken, Hackito Ergo Sum 2011
Plan
1 Introduction
2 Verification algorithm
3 Obfuscation
  Instruction mutation
  Control Flow Graph (CFG) obfuscation
4 Encryption layers
5 Direct native API call
6 Anti-X
7 How to break it
8 Possible evolutions
About me
Last year of master's degree in cryptology and software security at École Normale Supérieure of Cachan
Reversing software protection for 6 years
Participate in several Capture The Flags in my spare time
Some facts and numbers
First crackme
2 months
6000 lines of Python
Uses TTASM and BeaEngine
Randomly generated
Only 3 valid solutions
Algorithm
Custom RC4 (initial table changed, starts with "HESFTW")
Serial is used as a 256-byte key
Generate the first 7 DWORDs
Combine them with 0xDEADBEEF to generate a DWORD
Use it as a constant to calculate the length of the last layers
Instruction mutation
Run a static analysis to find the registers that can be freely modified
Use them to mutate instructions
Main rule: if your code uses an instruction, it has to be used everywhere ⇒ no difference between the useful code and the garbage code
Control Flow Graph (CFG) obfuscation
Before instruction mutation:
  Duplicate some pieces of code
  Add a fake or non-deterministic test to choose which block will be executed
After:
  Run a static analysis to know which flags are set/unset for each instruction
  Add conditional jumps which are never/always taken according to the flags
  Shuffle blocks
Layers
How to make a layer as annoying as possible?
Hide the end address of the encryption layer
Hide the size of the encrypted code
Layers (continued)
Use a Linear Feedback Shift Register (LFSR) to encrypt both the end address and a DWORD counter n times
At execution, decrypt them once per loop iteration
When the DWORD counter has been decrypted, jump to the decrypted address
Use an indirect jump to avoid breakpoints:
    cmp counter, CST
    setz cl
    jmp [ecx + addresses]
Bonus: since the LFSR has the largest possible period, you can add as many fake comparisons as you want
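The layer counter described on this slide, modelled in C as an added example (it is not code from the crackme). The tap polynomial, the struct and function names and the sample values are assumptions; the slides only say that an LFSR with the largest possible period is used.

```c
#include <stdint.h>

/* ASSUMPTION: 32-bit Galois LFSR, taps x^32 + x^22 + x^2 + x + 1
   (maximal period 2^32 - 1). The slides do not give the polynomial. */
#define LFSR_TAPS 0x80200003u
#define LOOP_HEAD 0u            /* stand-in for "jump back to the loop" */

/* One step forward: the single decryption done on every loop pass. */
uint32_t lfsr_next(uint32_t x)
{
    uint32_t lsb = x & 1u;
    x >>= 1;
    return lsb ? (x ^ LFSR_TAPS) : x;
}

/* Exact inverse of lfsr_next: the build-time encryption step. */
uint32_t lfsr_prev(uint32_t x)
{
    uint32_t msb = x >> 31;     /* equals the bit lfsr_next shifted out */
    if (msb) x ^= LFSR_TAPS;
    return (x << 1) | msb;
}

typedef struct {
    uint32_t enc_end;           /* end address, encrypted n times */
    uint32_t enc_counter;       /* CST, encrypted n times */
    uint32_t cst;               /* constant the loop compares against */
} layer_t;

/* Build time: hide end_addr and the pass count n inside two LFSR states.
   Returns -1 for n == 0 or a zero value (0 is a fixed point of the LFSR). */
int layer_build(layer_t *l, uint32_t end_addr, uint32_t cst, uint32_t n)
{
    if (end_addr == 0 || cst == 0 || n == 0) return -1;
    l->enc_end = end_addr;
    l->enc_counter = cst;
    l->cst = cst;
    for (uint32_t k = 0; k < n; k++) {
        l->enc_end = lfsr_prev(l->enc_end);
        l->enc_counter = lfsr_prev(l->enc_counter);
    }
    return 0;
}

/* Run time: step both values once per pass and pick the next target from a
   two-entry table indexed by the comparison result, as the cmp/setz/jmp
   sequence does. Returns the number of passes, or 0 if max_passes is hit. */
uint32_t layer_run(const layer_t *l, uint32_t *end_out, uint32_t max_passes)
{
    uint32_t end = l->enc_end, ctr = l->enc_counter;
    for (uint32_t pass = 1; pass <= max_passes; pass++) {
        /* (one unit of the layer body would be decrypted here) */
        end = lfsr_next(end);
        ctr = lfsr_next(ctr);
        uint32_t addresses[2] = { LOOP_HEAD, end };
        uint32_t target = addresses[ctr == l->cst];
        if (target != LOOP_HEAD) { *end_out = target; return pass; }
    }
    return 0;
}

/* Build-time check for a fake comparison: a decoy constant is usable only if
   the counter never takes that value during the n real passes. */
int decoy_is_safe(const layer_t *l, uint32_t decoy, uint32_t n)
{
    uint32_t ctr = l->enc_counter;
    for (uint32_t k = 0; k < n; k++) {
        ctr = lfsr_next(ctr);
        if (ctr == decoy) return 0;
    }
    return 1;
}
```

Neither the pass count nor the end address is stored in the clear, but the step function is. Replaying only the two LFSR values, as layer_run does, yields both without executing the layer body.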
Direct native API call
Get syscall numbers at initialisation
Use sysenter (does not work on 64-bit systems)
Make random invalid or non-invasive (ZwYieldExecution) syscalls to prevent conditional breakpoints on KiFastSystemCallRet
Classical anti-debugger tricks
Well-known anti-debugger tricks made difficult to bypass because of the direct use of sysenter:
NtQueryInformationProcess + ProcessDebugPort
NtSetInformationThread + ThreadHideFromDebugger
NtSetContextThread to delete hardware breakpoints
Anti-instrumentation framework
Detect hooks on KiUserExceptionDispatcher and KiUserCallbackDispatcher
Detect stack reuse by instrumentation code: place a constant at esp-4, execute a sysenter, check whether esp-4 has been changed
Anti data-tainting
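After each part of the algorithm has executed, the result is copied using an indirect dependence:

    #include <windows.h>  /* BYTE, BOOL, TRUE, FALSE */

    /* Copies size bytes through control flow only: dest[t] is never assigned
       from source[t]. It receives the loop counter val on the single pass
       where val equals source[t], so no data flow links the two buffers. */
    void AntiTaintMemcpy(BYTE *source, BYTE *dest, int size)
    {
        for (int t = 0; t < size; ++t) {
            BYTE val = 0;
            do {
                BOOL isDiff = FALSE;
                if (source[t] != val)
                    isDiff = TRUE;
                if (!isDiff)
                    dest[t] = val;
                ++val;
            } while (val != 0);  /* BYTE wraps back to 0 after 255 */
        }
    }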
So how to solve it?
API init: Set a memory breakpoint on the ntdll PE
Anti-Dbg: Don't use a debugger, inject a DLL and use VectoredExceptionHandler to set hardware breakpoints (HBP)
Anti-HBP: Replace the ZwSetContextThread syscall number by a harmless or invalid one
ReadFile: Use a kernel debugger or replace syscall numbers by a GDI one which will call KiUserCallbackDispatcher
Obfuscation: Step the code :)
How to find a valid serial
Bruteforce (JB Bédrune)
Use the RC4 internal table created with the published key (Kyriakos Economou and Mark Wodrich)
Generate a valid keystream, use a backward algorithm to find an internal table which generates this keystream, find a key which generates this table (Me :) )
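Why the last step of the third approach always succeeds, shown as an added example in C (not code from the crackme or from any of the solvers). It models the "Algorithm" slide as standard RC4 run on a changed initial table with a 256-byte key, and shows that such a key schedule can be steered to any target table, so the key schedule adds no one-wayness to the check. The table layout after "HESFTW", the little-endian DWORD packing and all names are assumptions; the 0xDEADBEEF combination is left out because the slides do not describe it.

```c
#include <stdint.h>
#include <string.h>

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_t;

/* ASSUMPTION: the table is "HESFTW" followed by every other byte value in
   ascending order. The slides only say that it starts with "HESFTW". */
void custom_table(uint8_t S[256])
{
    static const uint8_t tag[6] = { 'H', 'E', 'S', 'F', 'T', 'W' };
    uint8_t used[256] = { 0 };
    int n = 0;
    for (; n < 6; n++) { S[n] = tag[n]; used[tag[n]] = 1; }
    for (int v = 0; v < 256; v++)
        if (!used[v]) S[n++] = (uint8_t)v;
}

static void swap8(uint8_t *a, uint8_t *b) { uint8_t t = *a; *a = *b; *b = t; }

/* Standard RC4 key schedule, started from the custom table. */
void ksa(rc4_t *c, const uint8_t key[256])
{
    uint8_t j = 0;
    custom_table(c->S);
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + c->S[i] + key[i]);
        swap8(&c->S[i], &c->S[j]);
    }
    c->i = c->j = 0;
}

/* Standard RC4 output byte. */
uint8_t prga(rc4_t *c)
{
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->S[c->i]);
    swap8(&c->S[c->i], &c->S[c->j]);
    return c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
}

/* First 7 keystream DWORDs (little-endian packing is an assumption). */
void first_dwords(rc4_t *c, uint32_t out[7])
{
    for (int d = 0; d < 7; d++) {
        out[d] = 0;
        for (int b = 0; b < 4; b++)
            out[d] |= (uint32_t)prga(c) << (8 * b);
    }
}

/* Find a 256-byte key whose key schedule ends in `target`.
   At step i the wanted value target[i] still sits at some index nj >= i,
   so choosing key[i] to make j == nj swaps it into place for good.
   Returns 0 on success, -1 if target is not a permutation of 0..255. */
int key_for_table(const uint8_t target[256], uint8_t key[256])
{
    uint8_t S[256], pos[256], seen[256] = { 0 }, j = 0;
    for (int i = 0; i < 256; i++)
        if (seen[target[i]]++) return -1;
    custom_table(S);
    for (int i = 0; i < 256; i++) pos[S[i]] = (uint8_t)i;
    for (int i = 0; i < 256; i++) {
        uint8_t nj = pos[target[i]];
        key[i] = (uint8_t)(nj - j - S[i]);
        pos[S[i]] = nj;            /* S[i] moves to index nj */
        pos[S[nj]] = (uint8_t)i;   /* target[i] moves to index i */
        swap8(&S[i], &S[nj]);
        j = nj;
    }
    return 0;
}

/* Constructed check: schedule a sample key, recover a key from the resulting
   table, and confirm both give the same table and the same 7 DWORDs. */
int roundtrip_ok(void)
{
    uint8_t key[256], found[256];
    rc4_t a, b;
    uint32_t da[7], db[7];
    for (int i = 0; i < 256; i++) key[i] = (uint8_t)(i * 7 + 3);
    ksa(&a, key);
    if (key_for_table(a.S, found) != 0) return 0;
    ksa(&b, found);
    if (memcmp(a.S, b.S, 256) != 0) return 0;
    first_dwords(&a, da);
    first_dwords(&b, db);
    return memcmp(da, db, sizeof da) == 0;
}
```

The recovered key need not equal the sample key: many 256-byte keys lead to the same table, and the construction returns the one that fixes each position at its own step.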
Some ideas for the next year ;)
Recode all the crackme generation in C
Use XED (by Intel) to disassemble and reassemble instructions
Multi-thread
Virtualisation
More mutation rules, more complex instructions (FPU, MMX, SSE etc.)
More anti-X
Thanks
Thank you !
Questions ?