From BruCON 2015
Jump to: navigation, search
(WiFi malware for Fun and Profit)
(SUBJ1)
 
(193 intermediate revisions by 93 users not shown)
Line 1: Line 1:
'''To prevent chaos for our workshops, we kindly ask you to register on this page (actual name or nickname)'''
 
  
Most workshops will be given on both days so you have 2 options. <br>Arrive early (5 minutes before start). <br>Even if you don't have a spot, drop by to see if anybody didn't show up.
 
 
'''Lists will be closed at midnight the day before'''.
 
<br>If you didn't get a chance to register in time but the list isn't full yet, come and try your luck.
 
 
== DJ Workshop ==
 
by '''''Joernchen & Mumpi of Phenoelit'''''
 
 
The workshop will run for 2,5 hours. Two sessions catering for 8 attendees will be run. When registering, indicate (1) or (2) !!!
 
{| border='1px'
 
!  !!  '''Monday'''
 
|-
 
| #1
 
| Ryan Dewhurst (1)
 
|-
 
| #2
 
| Wim Remes (1)
 
|-
 
| #3
 
|Dieter (@dietervds) (1)
 
|-
 
| #4
 
|Aasia96 (1)
 
|-
 
| #5
 
|laurensv (1)
 
|-
 
| #6
 
|KeithMyers! (1)
 
|-
 
| #7
 
|Juliana Nicolau (1)
 
|-
 
| #8
 
|astera (1)
 
|-
 
| #9
 
|NetRunner(1ifnot2)
 
|-
 
| #10
 
|
 
|-
 
| #11
 
|
 
|-
 
| #12
 
|
 
|-
 
| #13
 
|
 
|-
 
| #14
 
|
 
|-
 
| #15
 
|
 
|-
 
| #16
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==  Collective Malicious PDF Analysis ==
 
by '''''(Brandon Dixon - x0ner)'''''
 
 
What you need : Users should bring their laptop if they want to participate in the analysis.
 
You should also have the ability to run a VMware Virtual machine. This could mean having Fusion, Player or Workstation installed. 
 
 
There is no maximum audience amount.
 
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
! '''Tuesday'''
 
|-
 
| #1
 
| Ryan Dewhurst
 
| Bkay "@security4all"
 
|-
 
| #2
 
|@davehardy20
 
| Jochen - hammer
 
|-
 
| #3
 
|Juliana Nicolau
 
|Charlie Brown
 
|-
 
| #4
 
| @vanhoefm
 
|Etienne Stalmans
 
|-
 
| #5
 
|allabert
 
|@Guillermo
 
|-
 
| #6
 
|
 
|David Durvaux
 
|-
 
| #7
 
|
 
|Christophe Vandeplas
 
|-
 
| #8
 
|
 
|David André
 
|-
 
| #9
 
|
 
| smtx (@5M7X)
 
|-
 
| #10
 
|
 
|PhilFr
 
|-
 
| #11
 
|
 
|Stephen Mills
 
|-
 
| #12
 
|
 
|
 
|-
 
| #13
 
|
 
|
 
|-
 
| #14
 
|
 
|
 
|-
 
| #15
 
|
 
|
 
|-
 
| #16
 
|
 
|
 
|-
 
| #17
 
|
 
|
 
|-
 
| #18
 
|
 
|
 
|-
 
| #19
 
|
 
|
 
|-
 
| #20
 
|
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Script Kiddie Hacking Techniques==
 
by '''Ellen Moar & Colin McLean'''
 
 
{| border='1px'
 
!  !!  '''Tuesday'''
 
|-
 
| #1
 
| Mike - ydoow
 
|-
 
| #2
 
|Benoit
 
|-
 
| #3
 
| Gavin Watson
 
|-
 
| #4
 
|Bryn Bellis
 
|-
 
| #5
 
|Xavier "@xme"
 
|-
 
| #6
 
|Dieter (@dietervds)
 
|-
 
| #7
 
| smtx (@5M7X)
 
|-
 
| #8
 
| BaconZombie  { @BaconZombie }
 
|-
 
| #9
 
|Charlie Brown
 
|-
 
| #10
 
|Dieter Van Den Bosch
 
|-
 
| #11
 
|Koen VB
 
|-
 
| #12
 
|Aasia96
 
|-
 
| #13
 
|@Dave_von_S
 
|-
 
| #14
 
|@steevebarbeau
 
|-
 
| #15
 
|GeCo
 
|-
 
| #16
 
|Koen Machilsen
 
|-
 
| #17
 
|corelanc0d3r
 
|-
 
| #18
 
|jps
 
|-
 
| #19
 
|padzer0
 
|-
 
| #20
 
|@davehardy20
 
|-
 
| ***           
 
|  *******************
 
|-
 
|
 
| '''WAITING LIST'''
 
|-
 
| #1
 
| Fancy
 
|-
 
| #2
 
|Ruben - b33f
 
|-
 
| #3
 
| Vincent Hutsebaut
 
|-
 
| #4
 
|Eugene N
 
|-
 
| #5
 
|astera
 
|-
 
| #6
 
|PhilFr
 
|-
 
| #7
 
| David André
 
|-
 
| #8
 
| Juliana Nicolau
 
|-
 
| #9
 
| Hammer
 
|-
 
| #10
 
| jap
 
|-
 
| #11
 
| koensa
 
|-
 
| #12
 
| Joshua Wöhle
 
|}
 
 
==The Web Application Hacking Toolchain==
 
by '''Jason Haddix - jhaddix'''
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
! '''Tuesday'''
 
|-
 
| #1
 
| Robin - digininja
 
| Ryan Dewhurst
 
|-
 
| #2
 
| Benoit
 
| Mike - ydoow
 
|-
 
| #3
 
|@Dave_von_S
 
|Matt Erasmus
 
|-
 
| #4
 
| Gavin Watson
 
| Michael - mfs
 
|-
 
| #5
 
| Marc - wicky
 
| Jochen - hammer
 
|-
 
| #6
 
| Bart Van der Aovrt
 
|Dieter (@dietervds)
 
|-
 
| #7
 
| smtx (@5M7X)
 
| Dieter Van Den Bosch
 
|-
 
| #8
 
|GeCo
 
|Charlie Brown
 
|-
 
| #9
 
|padzer0
 
|Koen VB
 
|-
 
| #10
 
|J.Boutet
 
|@chrisjohnriley
 
|-
 
| #11
 
|Tino Brants
 
|@davehardy20
 
|-
 
| #12
 
|Vincent Spriet
 
|Ruben - b33f
 
|-
 
| #13
 
|System33
 
|@alcyonsecurity
 
|-
 
| #14
 
|David Rook @securityninja
 
|@vanhoefm
 
|-
 
| #15
 
|Eugene N
 
|Erik VB
 
|-
 
| #16
 
|David André
 
|Kurt Beheydt
 
|-
 
| #17
 
|PhilFr
 
|Fancy
 
|-
 
| #18
 
|koensa
 
|Giuseppe Trotta @Giutro
 
|-
 
| #19
 
|RFE
 
|Bert V.
 
|-
 
| #20
 
|Egeltje
 
|Francesco Stillavato
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==White Hat Shellcode: Not for Exploits==
 
by '''Didier Stevens'''
 
 
The goal of this workshop is to plant a seed: that shellcode has a place in your defense toolbox. The goal is not to learn to write shellcode, neither is it to present a complete anthology of white hat shellcode. I want to show a few examples to help you be more creative, so that when you are facing a problem in your IT sec job, you will also consider shellcode as a potential solution.
 
 
Shellcode is almost always used in attack scenarios, but it can also be used to defend. Shellcode is just a tool, and it can be a solution to your problem.
 
 
In this workshop we will work together on 5 cases:
 
 
1. loading/unloading a DLL
 
 
2. enforcing DEP
 
 
3. testing your security setup
 
 
4. patching an application
 
 
5. preventing heapsprays with shellcode
 
 
What you need to bring: your laptop with Windows XP SP3 (32-bit, preferably in a virtual machine).
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
! '''Tuesday'''
 
|-
 
| #1
 
| @vanhoefm
 
| Bart Van der Avort
 
|-
 
| #2
 
| @jfte
 
| smtx (@5M7X)
 
|-
 
| #3
 
| Vincent Hutsebaut :)
 
|Etienne Stalmans
 
|-
 
| #4
 
| Bert V.
 
| @nfoonf
 
|-
 
| #5
 
|
 
| David Durvaux
 
|-
 
| #6
 
|
 
|David Rook @securityninja
 
|-
 
| #7
 
|
 
|PhilFr
 
|-
 
| #8
 
|
 
|
 
|-
 
| #9
 
|
 
|
 
|-
 
| #10
 
|
 
|
 
|-
 
| #11
 
|
 
|
 
|-
 
| #12
 
|
 
|
 
|-
 
| #13
 
|
 
|
 
|-
 
| #14
 
|
 
|
 
|-
 
| #15
 
|
 
|
 
|-
 
| #16
 
|
 
|
 
|-
 
| #17
 
|
 
|
 
|-
 
| #18
 
|
 
|
 
|-
 
| #19
 
|
 
|
 
|-
 
| #20
 
|
 
|
 
|-
 
| #21
 
|
 
|
 
|-
 
| #22
 
|
 
|
 
|-
 
| #23
 
|
 
|
 
|-
 
| #24
 
|
 
|
 
|-
 
| #25
 
|
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==WiFi malware for Fun and Profit==
 
by '''Vivek Ramachandran'''
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
! '''Tuesday'''
 
|-
 
| #1
 
| Thibault B
 
| Bkay "@security4all"
 
|-
 
| #2
 
|Robin - digininja
 
| Charlie Brown
 
|-
 
| #3
 
| Dale Pearson
 
| Dieter Van Den Bosch
 
|-
 
| #4
 
| BaconZombie { @BaconZombie }
 
|@steevebarbeau
 
|-
 
| #5
 
|Benoit
 
|Dieter (@dietervds)
 
|-
 
| #6
 
| Marc - wicky
 
|SenseiZeon
 
|-
 
| #7
 
|Joshua Wöhle
 
|Tino Brants
 
|-
 
| #8
 
| smtx (@5M7X)
 
|Vincent Spriet
 
|-
 
| #9
 
|Ruben - b33f
 
|Kurt Beheydt
 
|-
 
| #10
 
|@alcyonsecurity
 
|Tim Beyens
 
|-
 
| #11
 
|Bruno DiLo
 
|Eugene N
 
|-
 
| #12
 
|azerton
 
|David André
 
|-
 
| #13
 
|@Guillermo
 
| Jochen - hammer
 
|-
 
| #14
 
|Benjamin Carlier
 
| jap
 
|-
 
| #15
 
|@jfte
 
|koensa
 
|-
 
| #16
 
|J.Boutet
 
|@cketti
 
|-
 
| #17
 
| David Durvaux
 
|
 
|-
 
| #18
 
| Giuseppe Trotta - @giutro
 
|
 
|-
 
| #19
 
| @vanhoefm
 
|
 
|-
 
| #20
 
|RFE
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Cisco VoIP insecurity workshop==
 
by '''Sandro Gauci and Joffrey Czarny aka Sn0rkY'''
 
 
What you need : Users should bring their laptop and a long ethernet network cable!
 
 
There is a maximum number of Cisco IP phone available.
 
 
 
{| border='1px'
 
!  !!  '''Tuesday'''
 
|-
 
| #1
 
| Robin - digininja
 
|-
 
| #2
 
|Bryn Bellis
 
|-
 
| #3
 
| Gavin Watson
 
|-
 
| #4
 
| Hilko Bouwman
 
|-
 
| #5
 
| smtx (@5M7X)
 
|-
 
| #6
 
| BaconZombie
 
|-
 
| #7
 
|@steevebarbeau
 
|-
 
| #8
 
|Koen Machilsen
 
|-
 
| #9
 
|jps
 
|-
 
| #10
 
|J.Boutet
 
|-
 
| #11
 
|Tino Brants
 
|-
 
| #12
 
|Vincent Spriet
 
|-
 
| #13
 
|Tim Beyens
 
|-
 
| #14
 
|Stephen Mills
 
|-
 
| #15
 
|
 
|-
 
| #16
 
|
 
|-
 
| #17
 
|
 
|-
 
| #18
 
|
 
|-
 
| #19
 
|
 
|-
 
| #20
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Beer brewing workshop==
 
by '''Machtelt Garrels'''
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
|-
 
| #1
 
| BaconZombie
 
|-
 
| #2
 
| Niall Kearney
 
|-
 
| #3
 
|Charlie Brown
 
|-
 
| #4
 
|Etienne Stalmans
 
|-
 
| #5
 
|@steevebarbeau
 
|-
 
| #6
 
|BrunoDiLo
 
|-
 
| #7
 
|Frederik Geerts
 
|-
 
| #8
 
|Bram Van der Steen
 
|-
 
| #9
 
|JorisVH
 
|-
 
| #10
 
|Kurt Beheydt
 
|-
 
| #11
 
|Stephen Mills
 
|-
 
| #12
 
|
 
|-
 
| #13
 
|
 
|-
 
| #14
 
|
 
|-
 
| #15
 
|
 
|-
 
| #16
 
|
 
|-
 
| #17
 
|
 
|-
 
| #18
 
|
 
|-
 
| #19
 
|
 
|-
 
| #20
 
|
 
|-
 
| #21
 
|
 
|-
 
| #22
 
|
 
|-
 
| #23
 
|
 
|-
 
| #24
 
|
 
|-
 
| #25
 
|
 
|-
 
| #26
 
|
 
|-
 
| #27
 
|
 
|-
 
| #28
 
|
 
|-
 
| #29
 
|
 
|-
 
| #30
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Lock Picking 101==
 
by '''Walter Belgers (TOOOL)'''
 
 
What you need : You don't need to bring any particular tools. Everything will be lended to participant during the workshop. If you have, you can bring your own lockpicking toolset.
 
 
There is a maximum circular capacity of 20 people.
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
|-
 
| #1
 
| Mike - ydoow
 
|-
 
| #2
 
|Matt Erasmus
 
|-
 
| #3
 
|Benoit
 
|-
 
| #4
 
|Niall Kearney
 
|-
 
| #5
 
| smtx (@5M7X)
 
|-
 
| #6
 
| BaconZombie { @BaconZombie }
 
|-
 
| #7
 
|Dieter Van Den Bosch
 
|-
 
| #8
 
|Charlie Brown
 
|-
 
| #9
 
|Dieter (@dietervds)
 
|-
 
| #10
 
|JorisVH
 
|-
 
| #11
 
|corelanc0d3r
 
|-
 
| #12
 
|jps
 
|-
 
| #13
 
|laurensv
 
|-
 
| #14
 
|SenseiZeon
 
|-
 
| #15
 
|Ruben - b33f
 
|-
 
| #16
 
|Bruno DiLo
 
|-
 
| #17
 
|Benjamin Carlier
 
|-
 
| #18
 
|Frederik Geerts
 
|-
 
| #19
 
|Bram Van der Steen
 
|-
 
| #20
 
|Tino Brants
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Hacking your conference badge==
 
by '''OpenAMD Crew'''
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
! '''Tuesday'''
 
|-
 
| #1
 
| Mike - ydoow
 
| SenseiZeon
 
|-
 
| #2
 
| Matt Erasmus
 
| azerton
 
|-
 
| #3
 
| Bkay "@security4all"
 
| @jfte
 
|-
 
| #4
 
| Xavier "@xme"
 
| @vanhoefm
 
|-
 
| #5
 
|Charlie Brown
 
|Etienne Stalmans
 
|-
 
| #6
 
| Dieter Van Den Bosch
 
|
 
|-
 
| #7
 
|Egeltje
 
|
 
|-
 
| #8
 
|@steevebarbeau
 
|
 
|-
 
| #9
 
|jps
 
|
 
|-
 
| #10
 
|padzer0
 
|
 
|-
 
| #11
 
|Frederik Geerts
 
|
 
|-
 
| #12
 
|Tino Brants
 
|
 
|-
 
| #13
 
|Vincent Spriet
 
|
 
|-
 
| #14
 
|Didier Stevens
 
|
 
|-
 
| #15
 
|Kurt Beheydt
 
|
 
|-
 
| #16
 
|Juliana Nicolau
 
|
 
|-
 
| #17
 
|David Rook @securityninja
 
|
 
|-
 
| #18
 
|PhilFr
 
|
 
|-
 
| #19
 
|Stephen Mills
 
|
 
|-
 
| #20
 
|
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Agnitio: the security code review Swiss army knife==
 
by '''David Rook aka Securityninja'''
 
 
What you need:  Users needs to bring a laptop configured as per the information in the link below.
 
 
The following things are required for the Agnitio hands on demos:
 
•A 32bit Windows Operating System (XP or 7 preferably – VM will be fine)
 
•.NET framework 3.5 installed
 
•Agnitio v2.0 installed
 
•Download the Pandemobium Android and iOS source code
 
•Download the selected vulnerable open source application
 
 
http://www.securityninja.co.uk/application-security/brucon-agnitio-workshop/
 
 
There is no maximum audience amount.
 
 
{| border='1px'
 
!  !!  '''Monday'''
 
|-
 
| #1
 
| Ryan Dewhurst
 
|-
 
| #2
 
| Mike - ydoow
 
|-
 
| #3
 
|Dieter (@dietervds)
 
|-
 
| #4
 
|@steevebarbeau
 
|-
 
| #5
 
|padzer0
 
|-
 
| #6
 
|azerton
 
|-
 
| #7
 
|Kurt Beheydt
 
|-
 
| #8
 
|@cketti
 
|-
 
| #9
 
|
 
|-
 
| #10
 
|
 
|-
 
| #11
 
|
 
|-
 
| #12
 
|
 
|-
 
| #13
 
|
 
|-
 
| #14
 
|
 
|-
 
| #15
 
|
 
|-
 
| #16
 
|
 
|-
 
| #17
 
|
 
|-
 
| #18
 
|
 
|-
 
| #19
 
|
 
|-
 
| #20
 
|
 
|-
 
| #21
 
|
 
|-
 
| #22
 
|
 
|-
 
| #23
 
|
 
|-
 
| #24
 
|
 
|-
 
| #25
 
|
 
|-
 
| #26
 
|
 
|-
 
| #27
 
|
 
|-
 
| #28
 
|
 
|-
 
| #29
 
|
 
|-
 
| #30
 
|
 
|-
 
| ###
 
| '''COMPLETE'''<br>No more people, thanks!
 
|-
 
|}
 
 
==Podcasters meetup==
 
'''This is a walk-in event'''
 
 
==Infosec Mentors==
 
'''This is a walk-in event'''
 

Latest revision as of 17:48, 26 December 2011