Wednesday, July 28, 2010

TRAINING: Modern Malware Reverse Engineering

ESET, one of the worldwide leaders in the fight against evil software, brings the most innovative training in the area.



Check here for further information.

TITLE:
Modern Malware Reverse Engineering

AGENDA:
- Basic unpacking (examples with FSG and ASPack)
- Basics of static analysis
- Control Flow analysis
- Data analysis
- Function and cross references
- IDA tips and tricks
- Basic modern malware analysis
- Typical infection vectors, how to spot them in a binary
- Typical installation mechanisms and how to spot them in a binary
- Typical payloads and how to spot them in a binary
- Complete example of bot infection, from malicious javascript to installed malware
- Example of complex malware analysis, starting from semi automated de-obfuscation with final binary analysis

METHODOLOGY:
Every section of the training will have a technical introduction and review, and there will be hands-on exercises by the end of it.

AUDIENCE:
The training is aimed at developers, security researchers, exploit writers or reverse engineers looking to learn about the common techniques, tips and tools for analyzing current complex malware.

REQUISITES:
- Good knowledge of English
- Beginner knowledge of x86 assembly
- Medium programming background (any language but C or C++ preferred)
- Basic knowledge of debugging and disassembly tools such as IDA and OllyDBG/ImmDBG
- Basic knowledge of binary unpacking

ADDITIONAL INFORMATION:

- A set of tools will be provided (free version of IDA, ImmunityDbg, LordPE)
- A set of binary files for the hands-on part of the training will be provided

TRAINER: Joan Calvet
Joan Calvet is a Ph.D. student at the High Security Lab in LORIA (Nancy, France) and the SecSI Lab at the Ecole Polytechnique of Montreal. He also frequently collaborates with anti malware company ESET. His main interests lie in malware analysis, reverse engineering, and software security. Joan has presented at various international conferences including REcon and Virus Bulletin.

Friday, July 23, 2010

TRAINING: VoIP Hacking and Security

BASE4 Security brings to ekoparty one of the most innovative trainings on VoIP hacking and security!



For further information please click here.


TITLE:
VoIP Hacking and Security

DESCRIPTION:
In this training you will see a wide variety of current attacks against VoIP technologies, protocols and associated infrastructure. You will see how to secure your VoIP platform and analyze the risks that unified communications and VoIP solutions bring to your traditional data infrastructure.
At the end of the training, attendees will have gained the skills and knowledge to perform a penetration test of a VoIP platform.

REQUIREMENTS:
Linux and TCP/IP networks knowledge.

AGENDA: Day 1
- Introduction
- VoIP trends
- Unified Communications
- Protocols
- Signaling
- Media
- Related Protocols
- Architectures
- Exploitation of a VoIP network

AGENDA: Day 2
- Hacking VoIP
- Social Attacks
- Authentication
- Cypher
- Security Policies


TRAINER:
Giovanni Cruz Forero

Electronic Engineer with more than 5 years of experience in pen testing and vulnerability analysis. He is currently finishing his master's degree in Information Security CSEC, CEH, CFRI, CWSP, Lead Auditor 27001.

He leads the CondorLab project, which investigates vulnerabilities and security in VoIP and Unified Communications. He has created intrusion-protection signatures for UC and VoIP platforms while researching new attacks and vulnerabilities.

He has presented talks at various information security events and taught at many Colombian universities.

Monday, July 19, 2010

Official Blogger of ekoparty: Alejandro Eguía

From this edition on, we are going to pick an ekoparty Official Blogger, and this year's chosen one is Alejandro Eguía from Spamloco.net.

ekoparty is betting on Latin American bloggers as an important channel for communicating and publicizing this event, which is why we want to congratulate Alejandro Eguía from Spamloco.net, who we are confident will do a great job covering the sixth edition of the ekoparty Security Conference.


Official Blogger privileges include total access to all the activities during ekoparty's week, privileges granted just to organizers.

Saturday, July 17, 2010

TRAINING: Web Testing & Exploiting Workshop

Bonsai once again brings today's best web security training to ekoparty.




Check here for further information.


TITLE:
Web Testing & Exploiting Workshop

INTRODUCTION:
The Bonsai Web application Security training focuses on teaching participants the different Web vulnerabilities and the way in which these can be identified manually or automatically. During the course you will learn theoretical concepts followed by hands-on practices performed in the laboratory especially designed for the course.

Our experience in training has helped us to create the best course on Web Application Security, which is aimed at understanding the source code: for each subject a vulnerable code segment is presented. In the class, attendees will learn about vulnerabilities in the Java, PHP, ASP.NET, ASP, Ruby and Python languages.

The course was developed so that participants with varying skill levels can benefit as much as possible. During the first hour, we will review basic concepts of HTTP and generic vulnerability discovery techniques; then the difficulty will gradually increase to the point where you can understand and identify more complex vulnerabilities. Information security experts as well as Web application developers will benefit from this course.

To ensure the quality of our course, we will have a maximum of eighteen attendees, each with their own computer connected to the training laboratory.

GOALS:
- Transfer the knowledge, tools and techniques necessary to understand the different types of existing Web vulnerabilities, in order to identify any security flaw in the future.

- Understand vulnerabilities in a theoretical environment and be able to identify them in practical laboratory examples.

- Apply, in a controlled environment and with a hands-on methodology, the tools used by professionals, like w3af (created by the trainer), Burp and sqlmap.

MATERIALS:
All students will receive:
- A folder with the training slides
- Live CD with the Web security tools used in the training
- VMware image with the training environment
- Certificate of attendance

TRAINER: Nahuel Grisolía
Nahuel Grisolía is Project Manager of the penetration testing team at Bonsai Information Security. He is currently working on intrusion testing projects related to Web applications and LAN/WAN networks. His main interests are security development and web application analysis, code review, GNU Linux/Unix platforms and electronic devices.

Nahuel has discovered many vulnerabilities related to Web application security in commercial products like McAfee Ironmail and Manage Engine Service Desk Plus and in Free Software projects like Achievo, Cacti, OSSIM and osTicket.

Currently, he is studying Computer Engineering at UBA (Universidad de Buenos Aires) and has a CEH certification provided by EC-Council.

TRAINER: Andrés Riancho
Andrés Riancho is an information security researcher and the founder of Bonsai Information Security. Besides managing Bonsai, he is involved in the Penetration Testing and Vulnerability Research presentations. He has discovered critical vulnerabilities in IPS appliances from 3com and ISS and has contributed to SAP security research for many other information security companies.

His main concern has always been Web application security. This concern led him to create a tool to help in the optimization of Web applications, and based on this need he designed and developed w3af (Web Application Attack and Audit Framework), which is widely used by penetration testers and security consultants. Andrés has spoken at numerous security conferences around the world, such as SecTor (Canada), FRHACK (France), OWASP (Poland), CONFidence (Poland), OWASP World C0n (USA), CanSecWest (Canada), T2 (Finland) and ekoparty (Buenos Aires).

Andrés founded Bonsai in 2009 to continue his research into automated vulnerability detection and exploitation in Web applications, and to provide a professional, high-quality service in an underdeveloped area like information security.


AGENDA:

1. HTTP protocol introduction
. Requests and responses
. HTTP Headers
. Secure Socket Layer (SSL)

2. Generic concepts for secure web application development
. Tainted Variables
. Sensitive Functions
. Functions validation

3. Types of analysis:
. Static code analysis, black box testing and gray box testing
. Definitions
. Detectable Vulnerabilities
. Non-Detectable Vulnerabilities

4. Configuration and development common errors
. HTML Comments and versions
. Backup Archives
. Local databases
. HTML hidden fields
. Directory enumeration
. Directory Indexing

5. Web Application Vulnerabilities
. Error and exception messages
. Path Disclosure
. OS Commanding
. Local file read
. Local file inclusion
. Path Traversal and Null Bytes
. Remote file inclusions
. HTTP Response Splitting
. Non-Common Attack vectors
. LDAP Injection
. PHP preg_replace vulnerabilities
. SQL Injection
. Blind SQL Injection
. Cross Site Scripting (XSS)
. Cross Site Request Forgeries / Session Riding

6. Privilege escalation in Web applications

7. Vulnerabilities in the application logic

8. Control in the Object authorization

9. Web services Security considerations

10. Web 2.0 application vulnerabilities

Friday, July 16, 2010

TRAINING: Breaking Windows

This year Immunity brings a training that will take your pen-testing skills to a higher


Check here for further information.


TITLE:
Breaking Windows

DESCRIPTION:
Tired of reading advisories without being able to take advantage of them?

Bored of gaping at the 1001 Milw0rm exploits while unable to contribute?

Tired of the incessant cry of your customers every time a public exploit for Windows in Aramaic restarts the mail server in the middle of a pentest?

Immunity offers a course "Suitable for all ages" aimed at administrators, consultants and curious minds, on one of the most fascinating topics of computer security: Exploit Programming.

After the course you will have the knowledge to move freely in a debugger, understand the risks of a vulnerability and develop an exploit that takes advantage of a stack overflow.


REQUIRED KNOWLEDGE:
Basic knowledge: network, programming and security. Desire to learn.

AGENDA: Day 1
* Principles on Windows Stack Overflow
- Basic diagnostics on stack overflows
- Construction of stack overflows
- Finding reliable jump points.
- Using Immunity Debugger for exploit development.
- Analyzing operating programs

AGENDA: Day 2
* Advanced Windows Stack Overflows
- Double-Edged Sword: Using SEH
- Protections: Stack Cookies, SAFESEH, DEP
- Return to libc

ABOUT THE TRAINERS:
Agustin Gianni has been a member of Immunity since March 2010. He works on reverse engineering, vulnerability exploitation and programming. His areas of interest range from operating systems programming and mathematics to reversing development tools, among others.

Riccobaldi Franco joined the Immunity team in January 2010. He worked for three years as a systems administrator in the banking sector, where he also carried out reverse engineering tasks and code audits. His current tasks include analysis and search for vulnerabilities, exploit development and exploitation techniques.

TRAINING: Python for Hackers

Immunity brings us a training that will take your penetration tester skills one step forward!


Check here for further information.


TITLE:
Python for Hackers

DESCRIPTION:
Pentesting is by definition a methodology for evaluating computer and network security by emulating the tools and techniques an evil user would use against us. In recent years there have been many courses and certifications about pentesting techniques and tools, but evil users are always one step ahead.

Immunity will provide a training that takes the pentester to the next step, teaching how to develop new tools in Python to analyze and exploit networks, covering a wide spectrum of topics from web hacking to fuzzing.

The course is aimed at everyone interested in the information security world, pentesters and system administrators who are not comfortable with just clicking a tool's button and prefer to be proactive, gaining efficiency and flexibility in their audits.

REQUIRED KNOWLEDGE:
Basic knowledge about networks, programming and security. Desire to learn.

AGENDA: Day 1
1. Introduction to Python
- Syntax
- Useful types, lists, arrays, dictionaries, etc.
- Sockets and basic network functions, ssl sockets.
- Command Line applications
2. Networking
- Introduction to ARP, DNS, DHCP protocols
- Introduction to Scapy
- Spoofing arp, dns, dhcp
- Sniffing, packet filters
- Network Scanning

AGENDA: Day 2
3. Graphic Interface
- Glade/GTK
4. Web
- HTML parsing
- Search Engines (e.g. Google).
- HTTP/HTTPS Native python libraries
5. Fuzzing
- Introduction to Sulley Fuzzing Framework
- File Format fuzzing
- Network Fuzzing
- Introduction to Immunity Debugger
- Hooks
6. CTF

ABOUT THE TRAINERS:
Sebastián Fernández joined the Immunity team in 2009. His responsibilities include developing code and exploits for the CANVAS framework. Besides breaking programs, Sebastián is interested in automating tasks related to pentesting and application reversing.

Matias Soler joined the Immunity team in 2009. Matias has experience in both offensive and defensive areas of information security; he worked for four years in government security in Argentina and as an external consultant.
Currently Matias develops exploits and works on reverse engineering and security research.

Thursday, July 15, 2010

Open Source Intelligence Gathering for Pentesting

For the pleasure of Argentinian women, and the joy of all the geeks, the charismatic presence of Chema Alonso will join us again this year, offering one of the most interesting trainings of ekoparty!!


Check here for more information.


TITLE:
Open Source Intelligence Gathering for Pentesting

DESCRIPTION:
Before a penetration test, the collection of prior information can make the difference between success and failure. This training covers the available information sources and the information that can be inferred from them, as well as the security breaches caused by members of the company. At the end of the training, students will be able to prepare an intelligence report about an organization as the starting point for building a pentesting plan.

CONTENT:
- Open Intelligence Gathering
o Goals
o Resources
o Phases
- Footprinting
o Public Data Infrastructure Gathering
* Organization Identification
* Internet Presence: InterNIC, Whois, DNS, etc..
* Service Providers
* State Records
* Published Services
o People Public Data Gathering
* People Identification
* Social tracing
* Maltego
- Fingerprinting
o Service fingerprinting
o OS fingerprinting
o Google/Bing/DNS fingerprinting
o Thrashing services
o Metadata fingerprinting
* Document exploration
* Document recognition
o Network mapping with FOCA
* Hand tuning
- Protection against data leaks
o DLP Techniques

DURATION: 1 day

MATERIALS:
All attendees will receive a version of FOCA Pro.

TRAINER: Chema Alonso

Chema Alonso holds a Computer Engineering degree from the Universidad Rey Juan Carlos of Madrid, where he is finishing his doctoral thesis on Web application security. He has been awarded the title of Most Valuable Professional by Microsoft in the area of computer security since 2004, a distinction that today only three people in Spain hold. He is a regular writer for computer security technology magazines and a speaker at national conferences such as the Microsoft Security Tour, Masters, or Technet Security Day @ Secure IT, and has also participated in international conferences such as Blackhat, Defcon, ToorCon or ShmooCon, among others. He works as a security consultant at Informática 64 and writes a blog on computer security entitled "Un informático del lado del mal."

Tuesday, July 13, 2010

TRAINING: SAP Security In-Depth

Year after year, ekoparty Security Conference presents the best and most improving trainings at a moderate cost. For the very first time in this edition we will offer the best SAP security training of the moment!


Click here for more information.


TITLE:
SAP Security In-Depth

OVERVIEW:
Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined what the impact of an attack on your core business platform could be? Do you know how to prevent it? This training is the answer to these questions.

For many years, SAP security has been a synonym of "segregation of duties" or "securing roles and profiles". While this kind of security is mandatory and of absolute importance, there are many threats that have been so far overlooked and are even more dangerous, such as the possibility of taking remote control of the entire SAP landscape without having any user in any system.

This training will help you to fill this knowledge gap, allowing you to understand the involved threats and risks and how to mitigate them. You will review the whole picture, from the security of the Environment and the SAP application-level gateways (SAProuter, Webdispatcher), through the assessment and hardening of the Operating Systems and Databases and their interaction with the SAP systems up to the security of the SAP Application Layer: Authentication, User security, Password Policies, Authorization subsystem, Interface Security, ABAP security concepts, Component Security, Backdoors, Auditing, Monitoring and more!

The training is organized with many hands-on exercises, which will help you grasp practical knowledge quickly. You will learn how to assess the security of an SAP implementation and then secure the critical security gaps you discovered. You will learn how to use different SAP security tools, as well as Onapsis Bizploit, the first open-source ERP Penetration Testing Framework.

The training also provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.

WHO SHOULD ATTEND:

Information Security Managers, Consultants and Auditors. SAP Administrators, Project Leaders and Consultants.

KEY LEARNING OBJECTIVES:
Understand the basic security concepts in SAP systems
Learn which are the main risks that can affect the security of the platform.
Learn how to perform technical security assessment of SAP systems.
Understand how to protect the systems from detected vulnerabilities, decreasing fraud risk.
Use specific software to evaluate the security of an SAP system.
Grasp practical knowledge through hands-on exercises.

AGENDA: Day 1
Introduction to SAP
Threats
Onapsis Bizploit – The ERP Penetration Testing Framework
Security of the Environment
Secure Architecture
SAP Application Level Gateways
The SAProuter
The SAP Web Dispatcher
Security of the OS & DB
Security of SAP on Windows environments
Security of SAP on UNIX environments
Security of SAP with MS SQL Server databases
Security of SAP with Oracle databases
Security of the SAP Application Layer
Authentication Mechanisms
User Security

AGENDA: Day 2
Security of the SAP Application Layer
Password Policies
Authorization Concept
Interface Security
Securing the System Landscape
ABAP (In)Security
SAP Backdoors
Component and Application Security
SAP Internet Transaction Server (ITS)
SAP Internet Communication Manager (ICM)
SAP Management Console (MC)
SAP Secure Network Communications (SNC)
Secure Sockets Layer (SSL)
Monitoring and Auditing
Conclusions

PREREQUISITE KNOWLEDGE:
- The training provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.
- General knowledge of networking and security concepts is recommended.

TRAINER: Mariano Nuñez Di Croce
Mariano Nuñez Di Croce is the Director of Research and Development at Onapsis. Mariano has a long experience as a Senior Security Consultant, mainly involved in security assessments and vulnerability research. He has discovered critical vulnerabilities in SAP, Microsoft, Oracle and IBM applications.

Mariano leads the SAP Security Team at Onapsis, where he works hardening and assessing the security of critical SAP implementations in world-wide organizations. He is the author and developer of the first open-source SAP & ERP Penetration Testing Frameworks and has discovered more than 50 vulnerabilities in SAP applications. Mariano is also the lead author of the "SAP Security In-Depth" publication and founding member of BIZEC, the Business Security community.

Mariano has been invited to hold presentations and trainings in many international security conferences such as BlackHat USA/EU, HITB Dubai/EU, DeepSec, Sec-T, Hack.lu, Ekoparty and Seacure.it as well as to host private trainings for Fortune-100 companies and defense contractors. Mariano has a degree in Computer Science Engineering from the UTN.

Monday, July 12, 2010

TRAINING: Lockpicking, From Novice to Master in Two Days

Again on this edition, Deviant Ollam will present the "Lockpicking, From Novice to Master in Two Days" training!


More information here.


TITLE:
Lockpicking, From Novice to Master in Two Days

OVERVIEW:
Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn't make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door.


TOPICS:
* The Basic Pin Tumbler Design - 90% of your doors are unsafe
* Combination Locks - open in 30 seconds with a beer can, or in 10 minutes with no tools at all
* Warded Lock Bypassing - yes, skeleton keys DO exist.
* Tubular Lock Picking - does your elevator restrict access to specific floors? Think again.
* Wafer Locks - is there anything of value in your desks, access panels & cars?
* Handcuffs & Gun Locks - physical security at its most basic.
* Bump Keying - the newly-publicized threat... who is addressing it and who is only paying lip service.
* Picking High Security Pins - with a steady hand, this is possible. You will learn how.
* Advanced Sidebar Functionality - how PROPER high-security locks function.
* Concerns for Large Institutions - master keying, fire codes, and emergency access... comply with the law without sacrificing security.
* Electronic Locks - just because there are wires and circuits doesn't mean there's security.
* Electronic Access Control Systems - how to tell a robust and strong RFID/Prox/SmartCard HID system from a poor one.
* Infrastructure Security - augmenting your physical locks and access controls with proper building design.
* Forensics After a Break-In - don't make mistakes that can result in denial of thousands in insurance coverage.
* Acquiring Your Own Tools - we'll give you a starter kit in this course, but in case you want additional tools, we will also cover the best (and most economical) sources for hardware.

YOU'LL LEARN:
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access. Attendees will not only learn how to distinguish good locks and access control from poor ones, but will also become well-versed in picking and bypassing many of the most common locks used in North America... convince management that a new investment is necessary by showing them yourself how the server room door can be opened without a key in under a minute!

PREREQUISITES/REQUIRED MATERIALS:
None. If you have your own lockpicks, you are welcome to bring them, but this is not necessary. A set of lockpicking tools will be provided to you as part of the course.

COURSE LENGTH:
Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.


TRAINER: Deviant Ollam
While paying the bills as a security auditor and penetration testing consultant with The CORE Group, Deviant Ollam is also a published author and member of the Board of Directors of the US division of TOOOL, The Open Organisation of Lockpickers. Every year at DEFCON and ShmooCon, Deviant runs the Lockpick Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point.

KONEX will be the Event Location for ekoparty 2010!

Ciudad Cultural KONEX has been confirmed as the location of the ekoparty Security Conference.



The Ciudad Cultural KONEX building was built in 1920 and used as an oil factory and depot until 1992. Years later it was acquired to create the Ciudad Cultural Konex and make it a model of cultural activity in our country. Estudio Clorindo Testa & Asociados was responsible for transforming the old oil factory into a cultural space while keeping intact the original architectural details of that time.

Today the complex occupies much of the old property's surface, with refurbished facilities where all kinds of artistic expression coexist and interrelate with the common goal of providing cultural and artistic enrichment to the community.

This year, ekoparty will have an extra room in this incredible place.

Sunday, July 11, 2010

FORENSIC CHALLENGE in ekoparty

The sixth edition of ekoparty Security Conference will offer a lot of parallel activities during the conference, like workshops, expositions, wargames and challenges.


One of these activities will be the FORENSIC CHALLENGE, where every participant will get a disk image belonging to a victim, and the challenge is to find out what truly happened.


The FORENSIC CHALLENGE will be led by the DragonJAR Community, one of the biggest IT security communities in Latin America, which will be attending ekoparty.

Wednesday, July 7, 2010

Biquad WiFi Antennas build Lab

As we get closer to September 16 / 17, we'll be publishing on our blog all the parallel activities that will be available during this new edition of the ekoparty security conference.

The objective of the Biquad WiFi Antennas build Lab is for every attendee to have the opportunity to build their own Biquad WiFi antenna.


You will see antenna models that are flexible, light, cheap, easy to assemble and high gain, designed for the lady's or gentleman's pocket. During ekoparty there will be an area set aside for building antennas, coordinated by the ekoparty organizers.
In 30 minutes you will have your own antenna to take home or, even better, to use in the Official Wardriving!

Kits will also be on sale in case you don't bring the necessary materials. Prices will be low, don't worry about it; the idea is to have a nice time and spread this passionate activity.

The "MatesLab" hackspace will be leading this activity. They are from the city of Mar del Plata (on the Buenos Aires sea coast). You surely remember Sebastián García: he belongs to this group, and during the ekoparty 2008 edition he presented the paper "Tell how you attack and I will tell you who you are".

Thursday, July 1, 2010

Que la sigan ROOTEANDO

The slogan contest for ekoparty 2010 has finally finished... and the winner is:

"Que la sigan ROOTEANDO"


Congratulations to Alfredo Ramírez, the slogan's creator. It will be used to design all ekoparty 2010 merchandising!

We'd like to thank all who participated in the Slogan Contest. Please keep following the run-up to this 6th edition of ekoparty.