Friday, November 5, 2010

Published Videos of ekoparty 2010!

Already posted all the videos of the sixth edition of ekoparty 2010. Enjoy!


Hacking, an activity of public interest? - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Understanding the Win SMB NTLM weak nonce vulnerability - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



WPA Migration Mode: WEP is back to haunt you...  ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Understanding the Low Fragmentation Heap: From Allocation to Exploitation from ekoparty on Vimeo.



Web Application Security Payloads - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Network-based detection of PE structural anomalies and linker characteristics - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Atacando VoIP....un paraiso - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



2x1 Microsoft Bugs: 'Virtual PC hyper-hole-visor' + 'Windows Creation Vulnerability (MS10-048)' - ekoparty Security Conference 6 from ekoparty on Vimeo.



Token Kidnapping's Revenge - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Faraday: A tool to share knowledge - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



SAP Backdoors: A ghost at the heart of your business - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Historias de 0days, Disclosing y otras yerbas - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Virtually Pwned: Pentesting VMware - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Pentesting Driven by FOCA - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Sandboxing based on SECCOMP for Linux kernel - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Exploiting Digital Cameras - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Wrong Way,.. a Black Hat True Story - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



iPhone Rootkit? There's an App for That! - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Hanging on a ROPe - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Padding Oracles Everywhere - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Transfering files on isolated remote desktop environments - ekoparty Security Conference 6th edition from ekoparty on Vimeo.



Jackpotting Automated Teller Machines - ekoparty Security Conference 6th edition from ekoparty on Vimeo.

Friday, September 10, 2010

Claudio Criscione says "Hi" to ekoparty!

Claudio Criscione says hello to ekoparty's attenders and tell us why we can't miss his presentation "Virtually Pwned: Pentesting VMware".


Yes!, it is a ASCII Video! :D

Wednesday, September 8, 2010

Deviant Ollam says "Hi" to ekoparty!

Deviant Ollam shows us a little of his tricks just a few days before the beginning of ekoparty 2010!

If Deviant's video got your attention, then you can't miss his training "Lockpicking & Physical Security - from novice to master in two days" and the presentation he will perform at ekoparty conference: "Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More".


During the conference, you can meet him at Lockpicking Village where Deviant will teach you all the tricks of "Physical Security", and you could take part of the "Gringo Warrior", a competitions where the faster lockpicker of ekoparty will win an important prize!.

Tuesday, September 7, 2010

Last day to buy your conference ticket with discount!

Don't miss the opportunity of buying your ticket of ekoparty at a significant discount!!
You have just today and tomorrow, Wednesday September 8, to buy your early ticket. The cost of the ticket the day of the event is much more expensive, so do not miss this chance!


See you there!!

Thursday, September 2, 2010

Chema Alonso says "Hi" to ekoparty!

Chema Alonso says hello to attendees of ekoparty, a few days before the start of the sixth edition of the event!


During the conference, Chema will present "Pentesting driven by FOCA" and a few days before will lead the training called "Opensource Intelligence Gathering for Pentesting"

Do not miss it!

Tuesday, August 31, 2010

Join the ESET Challenge!

This year ESET is ekoparty's Gold Sponsor and they will be offering an unique training: "Modern Malware Reverse Engineering" with Joan Calvet as the instructor.


Would you like to access to an amazing discount for the training? If you do, this is your opportunity: ESET Challenge!

ESET Challenge is a multiple levels crackme challenge, the higher score you obtained the better chances you will have of accessing to the discount.

http://www.ekoparty.org/Challenge-ESET.php

Don't miss this incredible opportunity!

Monday, August 30, 2010

Talks of ekoparty 2010 are published!

Already available, the list of the 23 selected talks to be presented at the sixth edition of the ekoparty Security Conference, the largest technical Security Conference of Latin America.


Official list:

- Chema Alonso - Pentesting Driven by FOCA
- Cedric Blancher - Hacking, an activity of Public interest?
- Nicolas Bareli - Sandboxing based on SECCOM for Linux kernel
- Cesar Cerrudo - Token Kidnapping\'s Revenge
- Cesar Cerrudo - History 0days, Disclosing y otras yerbas
- Claudio Criscione - Virtually Pwned: Pentesting VMware
- Giovanni Cruz - Atacking VoIP…a paradise!
- Nicolas Economou - 2x1 Microsoft Bugs: 'Virtual PC hyper-hole-visor' + 'Windows Creation Vulnerability (MS10-048)'
- Gary Golomb - Network-based detection of PE structural anomalies and linker characteristics
- Michael Hudson - Wrong Way, the true story of a Black Hat
- Barnaby Jack - Jackpotting Automated Teller Machines
- Leando Meiners & Diego Sor - WPA Migration Mode: WEP is back to haunt you...
- Eric Monti - iPhone Rootkit? There's an App for That!
- Mariano Nuñez Di Croce - SAP Backdoors: A ghost at the heart of your business
- Hernan Ochoa & Agustin Arzubel - Understanding the Win SMB NTLM Weak Nonce Vulnerability
- Hernan Ochoa -Transferring files on isolated remote desktop environments
- Deviant Ollam - Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More
- Alfredo Ortega & Oren Isacson - Exploiting Digital Cameras
- Andres Riancho & Lucas Apa - Web Application Security Payloads
- Juliano Rizzo & Thai Duong - Padding Oracles Everywhere
- Pablo Sole - Hanging on a ROPe
- Roelf Temmingh - Your life online: No more secrets Marty
- Chris Valasek - Understanding the Low Fragmentation Heap: From Allocation to Exploitation

We'd also like to thank the selection committee, which had the difficult task of evaluating the technical level of each of the presentations. The committee members:
- Cesar Cerrudo (Argeniss)
- Sebastian "topo" Muñiz (Independent Security Researcher)
- Gera Richarte (CORE)
- Juliano Rizzo (Netifera)
- Nicolas Waisman (Immunity)

Those interested in attending the sixth edition of the ekoparty, can not miss the opportunity to sign up for one of 11 highly technical trainings that will be presented on 13, 14, 15 of September.

See you there!

Wednesday, August 25, 2010

Do you need help with your trip to ekoparty?

ekoparty created an alliance with avantrip.com, thinking of all the participants from Latin America and the world, who are planning to travel on 16 and September 17 to Buenos Aires.


If you need to consult on flights, hotels, or any other type of tourist advice, contact the avantrip.com at (+5411) 4556 6444 or via e-mail to: ekoparty@avantrip.com.

Mention that you call to attend the Conference ekoparty Security and access to significant discounts!!

Also you have available a list of cheap hotels and hostels at the following address::



Do not miss the opportunity to attend the largest technical security information conference in Latin America's ! It is only once a year ... :)


Tuesday, August 17, 2010

TRAINING:Cracking & Anti-cracking Introduction

Core Security, a company dedicated to IT Security investigation, presents an unique training in LatinAmerica:"Cracking & Anti-Cracking Introduction".


Check here for further information.


CONTENT:
- Introduction, basic concepts, tools usage, PE header, win32.
- Techniques for: string references, serial fishing, api cracking.
- Patchers and loaders, VB cracking, delphi
- Virtual Machine Languages:.Net, PECode, Java
- Unpacking and Anti Debugging Techniques.
- Basic Keygenning.

GOALS:
- Get to know the main used tools for eliminate protections applied in Software (privative and non-privative)
- Learn how to prevent those techniques and which tools use for it.

NECESSARY KNOWLEDGE:
- Basic level of assembler interpretation.

LANGUAGE: Spanish

DURATION: 2 Days

INSTRUCTOR: Ricardo Narvaja
Exploit Writer SSr at Core security. Founder of the mail list rackslatinos, which has been dedicated for more than a decade to the investigation of protections and reverse engineering. He has written innumerable amount of cracking and reversing tutorials, translated to the most important languages.


INSTRUCTOR: Nahuel Riva
Member of WE group at Core for more than 3 years and has been in cracking area for 7 years. Interested in know how the software proctections work, how to break and how to improve them. He feels pleasure when share his knowlegde with the community by writing documentation.

INSTRUCTOR: Ariel Coronel
Currently he is part of the Exploit writing team at Core Security. He began with cracking activities 8 year ago, when his curiosity about software protection took him to start his investigations. He has coordinated investigation groups in RE area. He also had a forum called CrackNFO.

Wednesday, August 11, 2010

Registration is now Open for ekoparty 2010

Registration is now open for ekoparty 2010!



Don't miss the opportunity to assist to ekoparty Security Conference, the biggest technical conference about security information of LatinAmerica

In this edition, we are bringing the best trainings of the world, in a accessible and moderate price and in one place, don't lose the opportunity to train your self with the most recognized instructors on the planet.



ekoparty 2010 is reloaded, you won't want to miss it!

Cracking Wi-Fi, for real

Cedric Blancher, one of the wireless guru presents one of the most looked trainings for ekoparty assistants:"Cracking Wi-Fi, for real.


Click here for further information.


TITLE:
Cracking Wi-Fi, for real


DESCRIPTION:
Wi-Fi cracking has been around for many years. Tons of tutorials can be found on the net. However, most of them don't focus on the only thing that matters: how things are really working and what is really happening behind the tools. That is the gap this training is intended to fill.
This two days training will describe in depth the process of pentesting Wi-Fi networks, for little profit maybe and fun for sure. We will discuss WEP vulnerabilities and how to exploit them, WPA PSK cracking, understand how the tools work, what they do, when and how to use them for the best results. We will also discuss attacking open networks such as hotspots, and play with the traffic.

GOALS:
This training aims at bringing students to proficiency in pentesting Wi-Fi networks. This includes a deep understanding of Wi-Fi protocols, security mechanisms and associated vulnerabilities.
They will learn a methodology and how to use the required tools to fully achieve their attacks. The training will cover a wide range of tools, including Python programming using Scapy Wi-Fi capabilities.

DURATION: 2 Days


LANGUAGE: English


MATERIALS:
Students will be given:
- Slides for the training
- Hands-on exercises cheat-sheets
- Backtrack live CDROM


AGENDA:
0. Introduction to 802.11
1. WEP overview
2. WPA overview
3. Attack tools
4. Attacks pre-requisites
5. Basic WEP and WPA cracking
6. Handling specific situations
7. Playing with open networks
8. Introduction to Scapy for Wi-Fi
9. Conclusion


TRAINER: Cedric Blancher
Cedric is a senior researcher at EADS Computer Security Research Lab near Paris. He is working on network security and has been focusing more specifically on wireless security. He has been authoring articles and presentation worldwide on that topic, and has written Wifitap, a traffic injection based attack tool for Wi-Fi, along with PoCs tools for disrupting Wi-fi network traffic.

Using Network Forensics for Incident Response and Malware Analysis

NetWitness, one of the worldwide leaders on network forensics analysis, incident response and information leak monitoring, brings a very innovating training in these fields.


Click here for further information.


TITLE:
Using Network Forensics for Incident Response and Malware Analysis


DESCRIPTION:
Through classroom instruction and practical hands-on exercises, this two-part workshop will teach you how to conduct basic and in-depth network forensic investigations to monitor and defend your agency’s network against advanced network attack methodologies, and find the roots of external and internal security problems in the network data. Nation-sponsored and criminal attackers have moved away from direct attacks on network perimeters, and are focusing their efforts on application layer attacks. Part one of this two-part course provides the valuable knowledge needed to improve your incident response process by creating “situational awareness” within your incident response team, including the ability to expose covert network communications channels, detect of data leakage, discovery zero-day malware, and find other unauthorized network activity and advanced threats. At the end of this workshop, attendees will leave better equipped to identify and respond to advanced network attack activity, perform in-depth network-based investigations and analysis, continuously analyze the status of critical security controls, lower risk and save time and resources by resolving network security problems more quickly, and properly preserve evidence to assist management or law enforcement.

DURATION: 1 Day


LENGUAGE: English


AGENDA:
Part 1: Introduction to Network Forensics
This hands-on lab is an introduction to Network Forensics. Designed for the incident responder, computer forensics practitioner, or fraud investigator, who has a need to learn how to perform basic network forensics work, this session covers current adversary attack methodologies and tools, network investigative and technical threat analysis best practices, and chain of custody requirements and evidentiary standards. This lab also provides the attendee with a working knowledge and experience with tools such as NetWitness Investigator Freeware, WinPCAP, TCPDump, Wireshark and others. The lab uses sample data obtained from actual commercial and U.S. government cases and the students will be asked to perform incident and forensic analysis and make judgments regarding the detailed problems associated with the specific cases presented.

Part 2: Advanced Network Forensics
This hands-on lab is the follow up to Introduction to Network Forensics. Designed for the incident responder, computer forensics expert, fraud investigator, or auditor who has a good working knowledge and experience with tools such WinPCAP, TCPDump, Wireshark and NetWitness Investigator (Freeware Edition), attendees will perform in depth studies of specific hands on cases of beacon Trojans, BotNets, and zero day malware attacks; learn to recognize obfuscated JavaScript and other malware; understand how to recognize non-standard network traffic operating over standard TCP and UDP ports; learn scripting techniques to build network and application layer rules to mine data forensically in real time. The lab uses sample data obtained from actual commercial and U.S. government cases and the students will be asked to perform forensic analysis and make judgments regarding the detailed problems associated with the specific cases presented.


INSTRUCTOR: Gabe Martinez
Gabe Martinez, Vice President, Customer Success, NetWitness Corporation
With over 13 years in the security industry, Gabe has designed, implemented security solutions and performed risk assessments for every major vertical globally. Gabe is in charge of customer success at NetWitness, the world leader in network forensics and advanced threat analysis. Gabe also has over five years consulting and implementing ArcSight and was a founding member of the Solution Team and Customer Success Organization at ArcSight.

INSTRUCTOR: Ray Carney
Ray Carney, Manager, NetWitness University, NetWitness Corporation
Ray brings 15 years experience designing and delivering Information Security solutions to Global 1000 and Government organizations internationally, with a proven track record leading teams through all phases of the Information Security process, including audit and review, design and implementation, and development of custom software components. Prior to NetWitness, Mr. Carney held senior technical positions at Decurity, Splunk and ArcSight.

Wednesday, July 28, 2010

TRAINING: Modern Malware Reverse Engineering

ESET, one of the worldwide leaders in the fight against evil software, brings the most innovational training in the area.



Check here for further information.

TITLE:
Modern Malware Reverse Engineering

AGENDA:
- Basic unpacking (examples with FSG and ASPack)
- Basis of static analysis
- Control Flow analysis
- Data analysis
- Function and cross references
- IDA tips and tricks
- Basic modern malware analysis
- Typical infection vectors, how to spot them in a binary
- Typical installation mechanism and how to spot them in a binary
- Typical payloads and how to spot them in a binary
- Complete example of bot infection, from malicious javascript to installed malware
- Example of complex malware analysis, starting from semi automated de-obfuscation with final binary analysis

METHODOLOGY:
Every section of the training will have a technical introduction and review, and there will be hands-on exercises by the end of it.

AUDIENCE:
The training is focused in developers, security researchers, exploit writers or reverse engineers looking to learn about the common techniques, tips and Tools for analyzing current complex malware.

REQUISITES:
- Good knowledge of English
- Beginner knowledge of x86 assembly
- Medium programming background (any language but C or C++ preferred)
- Basic knowledge of debugging and disassembly tools such as IDA and
OllyDBG/ImmDBG
- Basic knowledge of binary unpacking

ADDICTION INFORMATION:

- A set of tools will be provided (free version of IDA, ImmunityDbg, LordPE)
- A set of binary files for the hands-on part of the training will be provided

TRAINER: Joan Calvet
Joan Calvet is a Ph.D. student at the High Security Lab in LORIA (Nancy, France) and the SecSI Lab at the Ecole Polytechnique of Montreal. He also frequently collaborates with anti malware company ESET. His main interests lie in malware analysis, reverse engineering, and software security. Joan has presented at various international conferences including REcon and Virus Bulletin.

Friday, July 23, 2010

TRAINING: VoIP Hacking and Security

BASE4 Security, brings to ekoparty one of the most innovating trainings about Hacking and Security under VoIP!



For further information please click here.


TITLE:
VoIP Hacking and Security

DESCRIPTION:
In this training you will see a wide variety of current attacks against VoIP, technologies, protocols and associated infrastructure of VoIP. You will see how to secure your VoIP Platform and analyze the risks unified communications and VoIP solutions brings to your traditional data infrastructure.
At the end of the training, assistants will gain the skills and knowledge to perform a Penetration Testing to VoIP platform.

REQUIREMENTS:
Linux and TCP/IP networks knowledge.

AGENDA: Day 1
- Introduction
- VoIP trends
- Unified Communications
- Protocols
- Signaling
- Media
- Related Protocols
- Architectures
- Exploitation of a VoIP network

AGENDA: Day 2
- Hacking VoIP
- Social Attacks
- Authentication
- Cypher
- Security Policies


TRAINER:
Giovanni Cruz Forero

Ingeniero Electrónico with more than 5 year of experience in Pen testing and Vunerability analysis. Currently he is finishing his mastering in Information Security CSEC, CEH, CFRI, CWSP, Lead Auditor 27001.

He is leading CondorLab project aim to the investigation of vulnerabilities and security under VoIP and Unified Communications. He created signs for intrusion protection under UC and VoIP platforms while he investigates about new attacks and vulnerabilities.

He presented talks in different Information Security events and taught in many Colombian Universities.

Monday, July 19, 2010

Official Blogger of ekoparty: Alejandro Eguía

From this edition and on, we are going to pick a ekoparty Official Blogger and this year chosen one is: Alejandro Eguía from Spamloco.net

ekoparty bets to LantinAmerican bloggers as an important comunication and diffution media of this event and that is why we want to congratulate Alejandro Eguía from Spamloco.net, in who we are confident, will do a great job covering ekoparty Security Conference sixth edition
Link


Official Blogger privileges include total access to all the activities during ekoparty's week, privileges granted just to organizers.

Saturday, July 17, 2010

TRAINING: Web Testing & Exploiting Workshop

Bonsai, brings again the best Security Web training of nowadays to ekoparty




Check here for further information.


TITTLE:
Web Testing & Exploiting Workshop

INTRODUCTION:
The Bonsai Web application Security training focuses on teaching participants the different Web vulnerabilities and the way in which these can be identified manually or automatically. During the course you will learn theoretical concepts followed by hands-on practices performed in the laboratory especially designed for the course.

Our experience in training has helped us to create the best course of Web Application Security, which is aimed at understanding the source code: for each subject a vulnerable code segment is presented. In the class, attendees will learn Vulnerability in Java, PHP, ASP.NET, ASP, Ruby and Python languages.

The course was developed for participants, with varying skill levels, can benefit as much as possible. During the first hour, will review basic concepts on HTTP and generic techniques about vulnerability discoveries, then gradually the difficulty will increase up to the level you can understand and identify more complex vulnerabilities. Informatic security experts, as well as Web application developers will benefit from this course.

To ensure the quality of our course, we will have a maximum of eighteen assistants, each with its own computer and connected to the training laboratory.

GOALS:
- Transfer the knowledge, tools and necessary techniques to understand the different types of existing Web Vulnerabilities, to identify any security leak in the future.

- Understand vulnerabilities in a theoretical environment and be able to identify them in practical laboratory examples.

- Apply in a controlled environment and using hands-on methodology the tools used by professionals like w3af ( created by the trainer), burp and sqlmap.

MATERIALS:
All the students will received:
- A folder with the training slides
- Live CD with the Web security tools used in the training
- VMware Image with the training environment
- Assistance Certificate

TRAINER: Nahuel Grisolía
Nahuel Grisolía is Project Manager of Penetration testing team in Bonsai Information Security Company. Currently he is working in Intrusion Test projects, related with Web application and LAN/WAN networks. His main interest is on the security development and web application analysis, code reviewing, GNU Linux/Unix platforms and electronic devices.

Nahuel has discovered many vulnerabilities related with Web application security on commercial products like McAfee Ironmail and Manage Engine Service Desk Plus and in Free Software projects like Achievo, Cacti, OSSIM y osTicket.

Currently, he is is attending Ingenireria en Informatica at UBA (Universidad de Buenos Aires) and has a CEH certification provided by EC-Council.

TRAINER: Andrés Riancho
Andrés Riancho is an information security researcher and he has founded Bonsai Information Security Company. Besides managing Bonsai, he is involved in the Penetration Testing and Vulnerabilities Research presentations. He has discovered critical vulnerabilities in IPS appliances from 3com and ISS and hascontributed in SAP security investigation for may other security information companies.

His main concern has always been Web application security. This concern took him to create a tool to help in the optimization of Web applications and based on this need he designed and develop w3af software (Web Application Attach and Audit Framework), which is widely used for penetration testers and security consultants. Andrés has spoken at numerous security conferences around the world, such as SecTor (Canada), FRHACK (France), OWASP (Polony) CONFidence (Polony), OWASP World C0n (USA), CanSecWest (Canada), T2 (Finland) y ekoparty (Buenos Aires).

Andrés founded Bonsai in 2009 to continue his investigation about automated vulnerabilities detection and exploitation in Web applications. And to provide professional and high quality service in a undeveloped area like information security.


AGENDA:

1. HTTP protocol introduction
. Requirements and responses
. HTTP Headers
. Secure Socket Layer (SSL)

2. Generic concepts for secure web application development
. Tainted Variables
. Sensitive Functions
. Functions validation

3. Types of analysis:
. Static code analysis, black box testing and gray box testing
. Definitions
. Detectable Vulnerabilities
. Non-Detectable Vulnerabilities

4. Configuration and development common errors
. HTML Comments and versions
. Backup Archives
. Local data bases
. HTML hidden fields
. Directory numeration
. Directory Indexing

5. Web Application Vulnerabilities
. Error and exception messages
. Path Disclosure
. OS Commanding
. Local file read
. Local inclusion of archives
. Path Traversal and Null Bytes
. Remote file inclusions
. HTTP Response Splitting
. Non-Common Attack vectors
. LDAP Injection
. PHP preg_replace vulnerabilities
. SQL Injection
. Blind SQL Injection
. Cross Site Scripting (XSS)
. Cross Site Request Forgeries / Session Riding

6. Scalation of privileges in Web application

7. Vulnerabilities in the application logic

8. Control in the Object authorization

9. Web services Security considerations

10. Web 2.0 application vulnerabilities

Friday, July 16, 2010

TRAINING: Breaking Windows

This year Immunity brings a training that will take your pen-testing skills to a higher


Check here for further information.


TITLE:
Breaking Windows

DESCRIPTION:
Tired of reading advisories without taking advantages?

Bored to continue open-mouthed about the 1001 Milw0rm exploits and unable to contribute?

Tired of the incessant cry of your customers every time a public exploit for Windows in Aramaic restart the mail server in the middle of a pentest?

Immunity offers
a course "Suitable for all ages" orientated to administrators, consultants and curious minds, on one of the most fascinating topics of computer security: Exploits Programming.

After the course you will get the knowledge to move freely in a debugger, understand the risks of a vulnerability and develop an exploit that allows to benefit from a stack overflow.


NECESSARY KNOWLEDGES:
Basic knowledge: network, programming and security. Desire to learn.

AGENDA: Day 1
* Principles on Windows Stack Overflow
- Basic diagnostics on stack overflows
- Construction of stack overflows
- Finding reliable jump points.
- Using Immunity Debugger for
exploits development.
- Analyzing operating programs

AGENDA: Day 2
* Advanced Windows Stack Overflows
- Double-Edged Sword: Using SEH
- Protections: Stack Cookies, SAFESEH, DEP
- Return to libc

ABOUT THE TRAINERS:
Agustin Gianni is a member of Immunity since March 2010. He develops activities related to reverse engineering, exploitation of vulnerabilities and programming. His areas of interest are from Operating Systems Programming, Mathematics to reversing development tools, among others.

Riccobaldi Franco joined Immunity team in January 2010. He worked for three years as a systems administrator in the banking area, where he also worked in reverse engineering tasks and code audits. Currently among the tasks performed are: analysis and search for vulnerabilities, exploits development and exploitation techniques.

TRAINING: Python for Hackers

Immunity brings us a training that will take your penetration tester skills one step forward!


Check here for further information.


TITLE:
Python for Hackers

DESCRIPTION:
Pentesting by definition is a methology to evaluate computers and network security, emulating the tools and techquics an evil user will use against us. These years there have been many courses and certifications about pentesting techniques and tools. But evil users are always one step ahead.

Immunity will provide a training about this method taking the pentester to the next step, teaching how to develop in Python Language new tools to analyze and exploit networks, covering a wide items spectrum including from web hacking to fuzzing.

The course will be aim to all those persons interested on information security world, pentesters and system administrators, whom are not conformable with just clicking a tool button and prefer the pro-activity, providing efficiency and audit flexibility

REQUIRED KNOWLEDGE:
Basic knowledge about networks, programming and security. Desire to learn.

AGENDA: Day 1
1. Introduction to Python
- Syntax
- Useful types, lists, arrays, dictionaries, etc.
- Sockets and basic network functions, ssl sockets.
- Command Line applications
2. Networking
- Introduction to ARP, DNS, DHCP protocols
- Introduction to Scapy
- Spoofing arp, dns, dhcp
- Sniffing, package filters
- Network Scanning

AGENDA: Day 2
3. Graphic Interface
- Glade/GTK
4. Web
- HTML parsing
- Search Engines (ej: google).
- HTTP/HTTPS Native python libraries
5. Fuzzing
- Introduction to Sulley Fuzzing Framework
- File Format fuzzing
- Network Fuzzing
- Introduction to Immunity Debugger
- Hooks
6. CTF

ABOUT THE TRAINERS:
Sebastián Fernández joined Inmunity team in 2009. His responsabilities include code and exploits development destinated to CANVAS framework. Besides breaking programs, Sebastián is interested on task authomatation related to pentesting and application reversing.

Matias Soler joined Inmunity team in 2009. Matias has experience in ofensive and defensive areas in information security, worked for four years for Goverment security in Argentina and as external consultor.
Currently Matias develops exploits, work in reverse engineering and security research.

Thursday, July 15, 2010

Open Source Intelligence Gathering for Pentesting

For the pleasure of Argentinian women, and the joy of all the geeks, the charismatic presence of Chema Alonso will join us again this year offering one of the most interesting training of ekoparty!!


Check here for more information.


TITTLE:
Open Source Intelligence Gathering for Pentesting

DESCRIPTION:
Before a penetration test, the collection of prior information could establish the difference between success and failure. This training is a training that grab the available information sources and information can be inferred through them, besides all the security breaches caused by members of the company. At the end of training students will be able to prepare an intelligence report about an organization to start building a pentesting plan

CONTENT
:
- Open Intelligence Gathering
o Goals
o Resources
o Phases
- Footprinting
o Public Data Infrastructure Gathering
* Organization Identification
* Internet Presence: InterNIC, Whois, DNS, etc..
* Service Providers
* State Records
* Published Services
o People Public Data Gathering
* People Identification
* Social tracing
* Maltego
- Fingerpinting
o Service Figerprinting
o OS fingerprinting
o Google/Bing/DNS fingerprinting
o Thrashing services
o Metadata fingerprinting
* Document exploration
* Document recognition
o Network mapping with FOCA
* Hand tunning
- Protection against data leaks
o DLP Techniques

DURATION: 1 day

MATERIALS:
All the submitters will receive a version of FOCA Pro.

TRAINER: Chema Alonso

Chema Alonso is Computer Engineering from the Universidad Rey Juan Carlos of Madrid where he is finishing his doctoral thesis on Web application security. He has been awarded the title of Most Valuable Professional by Microsoft in the area of computer security since 2004, a distinction that today, only three people have in Spain. It is usual writer on computer security technology magazines and speaker at national conferences such as the Microsoft Security Tour, Masters, or Technet Security Day @ Secure IT also participated in international conferences such as Blackhat, Defcon, ToorCon or ShmooCon among others. He works as a security consultant in computer 64 and writes a blog on computer security entitled "Un informático del lado del mal."

Tuesday, July 13, 2010

TRAINING: SAP Security In-Depth

Year after year, ekoparty Security Conference presents the best and most improving trainings at a moderate cost. For the very first time in this edition we will offer the best SAP security training of the moment!


Click here for more information.


TITLE:
SAP Security In-Depth

OVERVIEW:
Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined which could be the impact of an attack to your core business platform? Do you know how to prevent it? This training is the answer to these questions.

For many years, SAP security has been a synonym of "segregation of duties" or "securing roles and profiles". While this kind of security is mandatory and of absolute importance, there are many threats that have been so far overlooked and are even more dangerous, such as the possibility of taking remote control of the entire SAP landscape without having any user in any system.

This training will help you to fill this knowledge gap, allowing you to understand the involved threats and risks and how to mitigate them. You will review the whole picture, from the security of the Environment and the SAP application-level gateways (SAProuter, Webdispatcher), through the assessment and hardening of the Operating Systems and Databases and their interaction with the SAP systems up to the security of the SAP Application Layer: Authentication, User security, Password Policies, Authorization subsystem, Interface Security, ABAP security concepts, Component Security, Backdoors, Auditing, Monitoring and more!

The training is organized with many hands-on exercises, which will help you grasp practical knowledge quickly. You will learn how to assess the security of an SAP implementation and then secure the critical security gaps you discovered. You will be able to learn how to use different SAP security tools, as well as Onapsis Bizploit, the first opensource ERP Penetration Testing Framework.

The training also provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.

WHO SHOULD ATTEND:

Information Security Managers, Consultants and Auditors. SAP Administrators, Project Leaders and Consultants.

KEY LEARNING OBJECTIVES:
Understand the basic security concepts in SAP systems
Learn which are the main risks that can affect the security of the platform.
Learn how to perform technical security assessment of SAP systems.
Understand how to protect the systems from detected vulnerabilities, decreasing fraud risk.
Use specific software to evaluate the security of an SAP system.
Grasp practical knowledge through hands-on exercises.

AGENDA: Day 1
Introduction to SAP
Threats
Onapsis Bizploit – The ERP Penetration Testing Framework
Security of the Environment
Secure Architecture
SAP Application Level Gateways
The SAProuter
The SAP Web Dispatcher
Security of the OS & DB
Security of SAP on Windows environments
Security of SAP on UNIX environments
Security of SAP with MS SQL Server databases
Security of SAP with Oracle databases
Security of the SAP Application Layer
Authentication Mechanisms
User Security

AGENDA: Day 2
Security of the SAP Application Layer
Password Policies
Authorization Concept
Interface Security
Securing the System Landscape
ABAP (In)Security
SAP Backdoors
Component and Application Security
SAP Internet Transaction Server (ITS)
SAP Internet Communication Manager (ICM)
SAP Management Console (MC)
SAP Secure Network Communications (SNC)
Secure Sockets Layer (SSL)
Monitoring and Auditing
Conclusions

PRE-REQUESITES KNOWLEDGE:
- The training provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.
- General knowledge of networking and security concepts is recommended.

TRAINER: Mariano Nuñez Di Croce
Mariano Nuñez Di Croce is the Director of Research and Development at Onapsis. Mariano has a long experience as a Senior Security Consultant, mainly involved in security assessments and vulnerability research. He has discovered critical vulnerabilities in SAP, Microsoft, Oracle and IBM applications.

Mariano leads the SAP Security Team at Onapsis, where he works hardening and assessing the security of critical SAP implementations in world-wide organizations. He is the author and developer of the first open-source SAP & ERP Penetration Testing Frameworks and has discovered more than 50 vulnerabilities in SAP applications. Mariano is also the lead author of the "SAP Security In-Depth" publication and founding member of BIZEC, the Business Security community.

Mariano has been invited to hold presentations and trainings in many international security conferences such as BlackHat USA/EU, HITB Dubai/EU, DeepSec, Sec-T, Hack.lu, Ekoparty and Seacure.it as well as to host private trainings for Fortune-100 companies and defense contractors. Mariano has a degree in Computer Science Engineering from the UTN.

Monday, July 12, 2010

TRAINING: Lockpicking, From Novice to Master in Two Days

Again on this edition, Deviant Ollam will present the "Lockpicking, From Novice to Master in Two Days" training!


More information here.


TITLE:
Lockpicking, From Novice to Master in Two Days

OVERVIEW:
Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn't make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door.


TOPICS:
* The Basic Pin Tumbler Design - 90% of your doors are unsafe
* Combination Locks - open in 30 seconds with a beer can, or in 10 minutes with no tools at all
* Warded Lock Bypassing - yes, skeleton keys DO exist.
* Tubular Lock Picking - does your elevator restrict access to specific floors? Think again.
* Wafer Locks - is there anything of value in your desks, access panels & cars?
* Handcuffs & Gun Locks - physical security at its most basic.
* Bump Keying - the newly-publicized threat... who is addressing it and who is only paying lip service.
* Picking High Security Pins - with a steady hand, this is possible. You will learn how.
* Advanced Sidebar Functionality - how PROPER high-security locks function.
* Concerns for Large Institutions - master keying, fire codes, and emergency access... comply with the law without sacrificing security.
* Electronic Locks - just because there are wires and circuits doesn't mean there's security.
* Electronic Access Control Systems - how to tell a robust and strong RFID/Prox/SmartCard HID system from a poor one.
* Infrastructure Security - augmenting your physical locks and access controls with proper building design.
* Forensics After a Break-In - don't make mistakes that can result in denial of thousands in insurance coverage.
* Acquiring Your Own Tools - we'll give you a starter kit in this course, but in case you want additional tools, we will also cover the best (and most economical) sources for hardware.

YOU'LL LEARN:
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access. Attendees will not only learn how to distinguish good locks and access control from poor ones, but will also become well-versed in picking and bypassing many of the most common locks used in North America... convince management that a new investment is necessary by showing them yourself how the server room door can be opened without a key in under a
minute!

PREREQUISITES/REQUIRED MATERIALS:
None. If you have your own lockpicks, you are welcome to bring them, but this is not necessary. A set of lockpicking tools will be provided to you as part of the course.

COURSE LENGHT:
Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.


TRAINER: Deviant Ollam
While paying the bills as a security auditor and penetration testing consultant with The CORE Group, Deviant Ollam is also a published author and member of the Board of Directors of the US division of TOOOL, The Open Organisation of Lockpickers. Every year at DEFCON and ShmooCon, Deviant runs the Lockpick Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point.

KONEX will be the Event Location for ekoparty 2010!

Ciudad Cultural KONEX was confirmed as the location of the ekoparty Security Conference



Ciudad Cultural KONEX building was built in 1920 and used as a factory and oils depot till 1992. Years later it was acquired to create the Ciuidad Cultural Konex and make a model of cultural activity in our country. Estudio Clorindo Testa & Asociados was the responsible for transforming the old oil factory into a cultural space keeping intact the original architectural details of that time.

Today the complex occupies much of the old property surface with a refurbishment of its facilities where coexist and interrelate all kind of artistic expressions with the common goal of providing a cultural and artistic enrichment to the community.

This year, ekoparty will have an extra room of this incredible place.

Sunday, July 11, 2010

FORENSIC CHALLENGE in ekoparty

The sixth edition of ekoparty Security Conference will offer a lot of parallel activities during the conference, like workshops, expositions, wargames and challenges.


One of these activities will be FORENSIC CHALLENGE, where every attendant will get a disk image which will belong to a victim and the challenge is to find out what truly happened.


FORENSIC CHALLENGE will be led by DragonJAR Community, one of the biggest IT Security communities in Latin America that will be attending the ekoparty

Wednesday, July 7, 2010

Biquad WiFi Antennas build Lab

As we get closer to September 16 / 17, we'll be publishing in our blog all parallel activities that will be available during this new edition of ekoparty security conference

Biquad WiFi Antennas build Lab objective is every assistant have the opportunity to set up their own Biquad WiFi antenna.


You will see flexible, light , cheap, easy to assemble, and high gain antenna models. Designate for the lady or gentleman's pocket. During the ekoparty there will be an area destinated to the construction of antennas, coordinated by the ekoparty organizers.
In 30 minutes you will have your own antenna to take home or even better, to use in the Oficial Wardriving!

There will be kits on sale also, in case you don't bring the necessary materials. Prices will be low, don't worry about it, the idea is to spend a nice time and broadcast this passioned activity.

"MatesLab" hackspace will be leading this activity. They are from Mar del Plata City (Buenos Aires sea coast), you remember Sebastián García for sure, he belongs to this group and during ekoparty 2008 edition he presented the paper: "Tell how you attack and I will tell you who you are".

Thursday, July 1, 2010

Que la sigan ROOTEANDO

Slogan contest for ekoparty 2010 finally finished... and the winner is:

"Que la sigan ROOTEANDO"


Congratulations to Alfredo Ramírez, the slogan's creator. It will be used to design all ekoparty 2010 merchandising!

We'd like to thank all who participated in the Slogan Contest and please keep following the set-out for this 6th edition of ekoparty

Monday, May 31, 2010

VOTE ekoparty 2010 SLOGAN!

Now is available the public pool for this year slogan. The winning slogan will be printed on all ekoparty merchandising. Vote now!


Don't miss the contest, take part in the election of the slogan that will be representing us during this ekoparty 2010!
Link

Saturday, May 15, 2010

CALL FOR SLOGAN is now OPEN!

You have till May 26th to send yours slogans to slogan@ekoparty.org. Once we receive and organize them you will find online the vote page so you can chose the best.

The author of the winning slogan will get a free ticket to the conference!!!
It is allowed to send 3 slogans per submitter, so you better chose well yours shots.

Tuesday, May 11, 2010

CALL FOR PAPERS is now OPEN!

Call For Papers for ekoparty Security Conference sixth edition is now officially open!

You will find the comple CFP in the following link:


These are some of the most important dates you should keep in mind:


- May 10 - CFP is Open
- August 15 - CFP is Closed
- September 13-15 - ekoparty Trainings
- September 16-17 - ekoparty Conference

Looking forward for your papers!

ekoparty has new website!

Come and see all the news about ekoparty 2010 edition!