Call for papers for 4th yearly conference of DC7831 in Nizhniy Novgorod

On February 15-16, 2020 our local DEF CON community is going to host our 4th yearly meetup (number 0x0C) as a full-scale 2-day conference. The event will happen in Nizhniy Novgorod, exact venue location will be announced later.

We invite speakers to make a talk or a workshop in the field of practical information security and hacking. We'd be glad to hear topics from both offensive and defensive perspectives. Examples of broad topics:

- Attacks against web services
- Vulnerabilities in networking protocols
- Vulnerabilitites in operating systems components
- Attacks against hardware
- Secure development practices
- Security audit methods

Also we'd be glad to hear about cryptography and security of cryptocurrencies, anonymous networks and other advanced and hacking topics. If you have something to talk about, don't hesitate to contact us:

telegram: @wsnark
email: wsnark 'at' tuta.io

Deadline: 1th of February, 2020

Talks can be performed in Russian or English.

We can help speakers with organizing their trip (tickets, hotel).

How it was last year: https://defcon-nn.ru/0x0A/

fn_fuzzy.py - IDAPython script for fast multiple binary diffing triage https://github.com/TakahiroHaruyama/ida_haru/tree/master/fn_fuzzy #reverse #ida #dukeBarman

JEB 3.7.0 Merry Xmas Edition by DimitarSerg

1. Maximum license type (copying, scripts, etc. work now).
2. Fixed integrity check #1.
3. Fixed integrity check #2.
4. All the telemetry has been cut out.
5. Removed the update checks and other shit that tries to connect to the Internet.
6. Added/reconstructed saving/loading project function.
7. Decompilation of missing opcodes for Android has been restored.
8. Restored display of variable values when hovering over them during debugging (Android).
9. Decompiling for other platforms was fixed (tested x86/x64, webAssembly, MIPS, ARM).

Instruction:
1. Replace the original JEB.jar with fixed.
2. Register it with Keygen (run it: java Keygen)

https://forum.reverse4you.org/t/11035

#re #mobile #tools #jeb #DimitarSerg

Suite of plugins that provide the ability to transfer analysis data between Binary Ninja and IDA https://github.com/zznop/bnida #reverse #ida #binaryninja #dukeBarman

Intel Processor Trace for System Management Mode (ring-2) code tracing.

English: https://sysenter-eip.github.io/intel_pt_smm
Russian: https://habr.com/en/company/dsec/blog/481692

#reverse #hardware #dukeBarman

Another XMas release - frida-fuzzer v1.2 https://github.com/andreafioraldi/frida-fuzzer/releases/tag/1.2 #reverse #fuzzing #frida #dukeBarman

A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) https://github.com/marin-m/vmlinux-to-elf #reverse #linux #dukeBarman

Integrate Ghidra's decompiler as an Ida plugin https://github.com/cseagle/blc #reverse #ida #ghidra #dukeBarman

Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400 https://github.com/wargio/libmc7 #reverse #radare2 #dukeBarman

Root cause analysis and exploit for a Windows kernel ws2ifsl.sys use-after-free vulnerability.

https://labs.bluefrostsecurity.de/blog/2020/01/07/cve-2019-1215-analysis-of-a-use-after-free-in-ws2ifsl/

#re #expdev #uaf #windows #darw1n

Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019 https://vimeo.com/335158460 #reverse #ghidra #dukeBarman

Remote iPhone Exploitation

https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html

#exploit #ios #dukeBarman

Windows Debugging & Exploiting

Windows Debugging & Exploiting Part 1 - Environment Setup https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-1-environment-setup/
Windows Debugging & Exploiting Part 2 - WinDBG 101 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-2-windbg-101/
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/windows-debugging-exploiting-part-3-windbg-time-travel-debugging/

#debugger #windbg #reverse #dukeBarman

PEDA-like debugger UI for WinDbg https://github.com/bruce30262/TWindbg #reverse #debugger #windbg #dukeBarman

Native XEX loader for IDA 7+, supporting most known Xbox360 executable formats. https://github.com/emoose/idaxex #reverse #ida #dukeBarman

[ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass KASLR and retrieve the Linux kernel base virtual address on x86 / x86_64 architectures as an unprivileged user https://github.com/bcoles/kasld #exploitation #linux #dukeBarman

Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges (binaries + writeups by hacking topics) https://github.com/guyinatuxedo/nightmare #reverse #exploitation #dukeBarman

Browser jit exploitation quick start by https://twitter.com/hosselot/

- @5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html
- @LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/
- @bkth_ presentation in SSTIC 2019: https://sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf

Also:
- https://doar-e.github.io
- https://phoenhex.re

#exploit #exploitation #dukeBarman

C++ for Hackers https://vimeo.com/384348826 #dukeBarman

BattlEye Anticheat: Analysis And Mitigation

Part1:
https://vmcall.blog/battleye-anticheat-analysis-and-mitigation/

Part2:
https://vmcall.blog/battleye-analysis-2020/

RU:
https://habr.com/ru/post/483068/

#reverse #dukeBarman

UEFI modules analysing with BinDiff IDA plugin https://yeggor.github.io/UEFI_BinDiff/ #reverse #dukeBarman