Cognitive and Scientific Brainology

Security - consulting,assessment,research,solutions,penetration tests.
Face - detect,track,recognize,extract features,learn emotions,character animation.





phdays 2012 Day1, Track1, 17:00, Demo section Seeing once is better...

phdays 2012 Day1, Track1, 17:00, Demo section Seeing once is better...

06/05/12 | by zveriu | Categories: Conference, PHDays.ru, Write-up

Download here

Code:

phdays.com, phdays.ru
Moscow, 2012
Day1, Track1, 17:00
Multiple speakers
Demo section Seeing once is better...
 
===================================
 
Afanasiev Mihail (Gleg.net)
 
Finding SCADAs
    Services: ERIPP, Shodan
    Identification: WinCC, TODO for others
 
Advantech web access 0day sql injection
    blind sql injection in proj and node http params
    used CANVAS framework to symbol by symbol enumeration from pUserPassword table
 
Carel PlantVisor PRO demo 2.0 blind sql injection 0day
    select + current_settings('data_directory') -
    true/false=substr(sym, sym_num)
    used CANVAS framework
    tomcat, postgresql, win2008
 
Ge Fanuc HMI/SCADA CIMPLICITY 8.1
    directory traversal
    win xp sp3
    CIMWebServer.exe (port 80)
    used CANVAS framework
 
Pure web-base scada
    atvise
    integraxor
 
===================================
 
Mobile trojan in-action
    artiom 4aikin
    positive technologies
 
Total malware samples (MacAfee)
    reportsrp-quaterly-threat-q4-2011.pdf
 
Past android malware
    easy to detect
    example
        angry birds bonus level by [some chinese chars]
        requires access to sms and calls
    demo
        send SMS upon installation
 
Present android malware
    Users became smarter
    easy to get the malware
        drive-by download & SocEng
    hard to detect
        all latin chars in the naming
        local exploits for privilege escalation
        installs services to deny malware removal
    demo
        some russian malware developer
        used SocEng: named "communication security update"
        requires: "load at boot" and "internet connection" only
        missing from the list of applications
        only found in settings: com.Security.Update
        using phone as proxy server
 
Future android malware
    rise of malware/trojans for mobile platforms
    exploits: local and remote
    motivations: fraud, mobile banking
    cross-application vulns - already real
 
===================================
 
Insecure Citrix
 
how to own virtual servers
 
citrix xenserver
    cloud infrastructure
    open hypervisor XEN
 
(missed rest of the track) :(
Leave a commentPermalink

Comments, Pingbacks:

No Comments/Pingbacks for this post yet...

This post has 5 feedbacks awaiting moderation...

Leave a comment:

Your email address will not be displayed on this site.
Your URL will be displayed.

Allowed XHTML tags: <p, ul, ol, li, dl, dt, dd, address, blockquote, ins, del, span, bdo, br, em, strong, dfn, code, samp, kdb, var, cite, abbr, acronym, q, sub, sup, tt, i, b, big, small>
(Line breaks become <br />)
(Set cookies for name, email and url)
(Allow users to contact you through a message form (your email will NOT be displayed.))
This is a captcha-picture. It is used to prevent mass-access by robots.
Please enter the characters from the image above. (case insensitive)

HIRE! - My Resume


Contact

Upcoming talks


PHDays
Hack In Paris
BlackHat USA

Ads

Cognitive and Scientific Brainology

A deep dive into brain's curiosities

May 2013
Sun Mon Tue Wed Thu Fri Sat
 << <   > >>
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Friends

Categories

Archives

Misc

XML Feeds

What is RSS?

powered by b2evolution free blog software