BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Pentabarf//Schedule 0.3//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALDESC;VALUE=TEXT:0sec06 Schedule Release 1.0
X-WR-CALNAME;VALUE=TEXT:0sec06 Schedule
X-WR-TIMEZONE;VALUE=TEXT:Europe/Berlin

BEGIN:VEVENT
METHOD:PUBLISH
UID:25@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061013T200000
DTEND;TZID=Europe/Berlin:20061013T210000
DURATION:PT1H
SUMMARY:dbd: default behaviour database
DESCRIPTION: A presentation on default passwords, installation and
  behavior threats in the computing and technology environment, with the
  idea of federating a database. The presentation will focus on the idea
  of creating a structured semi-public database for hardware, software
  and misc knowledge about default behaviors. Nothing very new, but
  introducing a clear database schema, a clear API and an easy-to-use web
  interface. KISS. A proof of concept tool in Perl to exploit the actual
  example database will be presented: supporting basic protocols and
  allowing automatic and intelligent detection of default behaviors. The
  tool was first written without a database, motivated by the need, on a
  daily basis, for the system administration of big heterogeneous IT
  companies where computing is just a tool and users are not IT literate.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/25.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="alphacc":invalid:n
 omail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:11@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061015T160000
DTEND;TZID=Europe/Berlin:20061015T170000
DURATION:PT1H
SUMMARY:Firmware reverse-engineering tactics
DESCRIPTION: This lecture aims at providing ideas and practical techni
 ques about the reverse-engineering process of equipment firmware image
 s. It touches upon data encoding, compression, bootstraps, deciphering
 , disassembly, and emulation.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/11.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="khorben":invalid:n
 omail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:12@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T150000
DTEND;TZID=Europe/Berlin:20061014T160000
DURATION:PT1H
SUMMARY:Forensics analysis on CD-R and DVD medias
DESCRIPTION: It might seem unusual to talk about CD-R and DVD-R
  analysis at the end of 2006, 30 years after the invention of audio
  CDs. CD-R and DVD-R are used by millions of people who burn their
  discs daily without a deep knowledge of these media. CD-R and DVD-R
  could carry valuable data hidden between their holes and pits. Hidden
  so well that even the people who burned that CD could think they are
  safe...

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/12.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Andrea "Pila" Ghir
 ardini":invalid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:10@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T160000
DTEND;TZID=Europe/Berlin:20061014T170000
DURATION:PT1H
SUMMARY:Hacking fingerprint recognition systems
DESCRIPTION: Today biometric systems are becoming mainstream. They can
  be found everywhere: in mobile phones, computers, entrance systems,
  even in ATMs. Because of the low costs, small sizes and the alleged
  maturity, mostly fingerprint sensors are used. But contrary to the
  assurance of the manufacturers they are still very easy to hack with
  techniques invented three years ago (see
  http://www.ccc.de/biometrie/fingerabdruck_kopieren). The capacitive
  sensors built into the new generation of Thinkpad computers from IBM /
  Lenovo were among the first to implement countermeasures against this
  type of dummies. But countermeasures only lead to new types of
  dummies! Using this fingerprint system as an example I want to explain
  the different techniques of hacking biometric systems, from the attack
  on the communication and the stored reference data to the direct hack
  of the sensor itself. The talk will present tools and ways to extract
  communication data to enhance dummy materials and a step-by-step
  approach to the final dummy finger that will defeat the sensor.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/10.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="starbug":invalid:n
 omail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:26@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T230000
DTEND;TZID=Europe/Berlin:20061015T000000
DURATION:PT1H
SUMMARY:Hacking Nedap voting computers
DESCRIPTION: In 2006 some hackers from the Dutch
  "wijvertrouwenstemcomputersniet" ("We don't trust voting computers")
  initiative and from the CCC got their hands on a Dutch Nedap voting
  computer. Nedap claims "Hacker haben absolut keine Chance" ("Hackers
  have absolutely no chance") (in [1]). In this talk (slightly
  unprepared) I'll present what has been done with this "Dedicated
  Special Purpose Machine" [1].

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/26.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Hannes Mehnert":in
 valid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:23@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T220000
DTEND;TZID=Europe/Berlin:20061014T230000
DURATION:PT1H
SUMMARY:Messing with OpenSSH Public Key system - from LDAP patch to a 
 cleaner abstraction layer
DESCRIPTION: Once upon a time there was a project named openssh-lpk,
  aiming to hack public key lookup over LDAP into OpenSSH. The patch did
  a reasonable job, allowing central administration of users in an LDAP
  environment. However, having LDAP code in OpenSSH felt wrong and ugly,
  and a new system was necessary. Abstracting public key lookup would
  provide a flexible way for quickly allowing arbitrary lookup of keys
  without compromising OpenSSH code base cleanliness and conformity to
  strict coding standards. The talk will cover the current openssh-lpk
  patch, its benefits and reasons to exist, a first approach for
  abstracting public key lookup in a Quick and Dirty (tm) way, followed
  by a Nice and Clean (tm) approach with a complete abstraction layer.
  We'll show and debate concepts as well as showing our current code for
  the three solutions. openssh-lpk; from egg, to ugly duckling, to swan.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/23.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Andrea Barisani":i
 nvalid:nomail

ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Rob Holland":inval
 id:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:19@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061013T210000
DTEND;TZID=Europe/Berlin:20061013T220000
DURATION:PT1H
SUMMARY:OpenPCD and OpenPICC - Free Hardware and Software for reading 
 and emulating RFID
DESCRIPTION: This presentation will introduce and demonstrate OpenPCD
  and OpenPICC. The purpose of those projects is to develop free
  hardware designs and software for 13.56MHz RFID reader and transponder
  simulator. OpenPICC can be used to e.g. simulate ISO 14443 or ISO
  15693 transponders, such as those being used in biometric passports
  and FIFA World Cup tickets. The OpenPCD project is a 100% Free
  Licensed RFID reader hardware and software design. It was first
  released on September 13, 2006. Using OpenPCD, interested hackers can
  directly access the lowest layers of 13.56MHz based RFID protocols.
  The hardware offers a number of digital and analog interfaces, and the
  firmware source code is available and can be modified and compiled
  using arm-gcc. The OpenPICC project is the counterpart to OpenPCD. It
  is a device that emulates 13.56MHz based RFID transponders /
  smartcards. Like OpenPCD, the hardware design and software are
  available under Free Licenses. It has not been released yet, but the
  first prototypes are working and it is expected to be released before
  23C3. The presentation will introduce and explain the OpenPCD and
  OpenPICC hardware as well as software design.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/19.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Harald Welte":inva
 lid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:22@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T130000
DTEND;TZID=Europe/Berlin:20061014T140000
DURATION:PT1H
SUMMARY:Reducing root code paths
DESCRIPTION: The talk presents an alternative to the existing
  requirements to run daemons as root and unwieldy use of the setuid
  bit. It will cover existing ways to avoid the requirement for root for
  the majority of the code paths in an application, alongside clean
  extensions to the Linux and BSD kernels to improve current Privilege
  Separation techniques. Use of the proposed solution prevents an
  attacker from recovering root via setuid(0) and SAVED_IDS. Code
  running as root can be reduced to a small validation "gatekeeper"
  which can be more easily audited and secured against attack than the
  current method of dropping then restoring root via setuid(). The
  extensions use the existing 'cmsg' socket infrastructure for
  exchanging and validating credentials, patching in the ability to
  elevate privileges, providing a safe equivalent to setuid() via Unix
  Domain Sockets.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/22.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Rob Holland":inval
 id:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:21@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T210000
DTEND;TZID=Europe/Berlin:20061014T220000
DURATION:PT1H
SUMMARY:Secure networking with Dylan-based domain-specific language
DESCRIPTION: The security industry is in a paradoxical situation: many
  security appliances and analysis tools, be it IDS systems, virus
  scanners, firewalls or others, suffer from the same weaknesses as the
  systems they try to protect. What makes them vulnerable is the vast
  amount of structured data they need to understand to do their job, and
  the bugs that invariably manifest in parsers for complex protocols if
  written in unsafe programming languages. We present the design and
  implementation of a domain-specific language (DSL) for description of
  structured byte-oriented protocols that addresses this problem. The
  DSL is applicable to a wide range of problems, such as network
  communication or file formats, and allows the programmer to write an
  abstract definition of some packet format, from which parsers and
  generators are then created automatically. That mechanism saves the
  programmer from tedious manual work for supporting new protocols, and
  at the same time prevents him from introducing vulnerabilities into
  the parsing process.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/21.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Hannes Mehnert":in
 valid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:5@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T140000
DTEND;TZID=Europe/Berlin:20061014T150000
DURATION:PT1H
SUMMARY:The Future of XSS
DESCRIPTION: Cross-Site Scripting has become one of the most common
  vulnerabilities in today's web applications. Experts say that about
  80% of all web applications are vulnerable to those attacks. So it's
  not that surprising that many white- and of course also blackhats did
  (and still do) some research on the topic of XSS. In this lecture
  Disenchant will talk about the present and mainly the future of this
  powerful attack class.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/5.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Disenchant":invali
 d:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:9@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061015T140000
DTEND;TZID=Europe/Berlin:20061015T160000
DURATION:PT2H
SUMMARY:The Hacker's Profiling Project (HPP) - A new approach to Cyber
 crime
DESCRIPTION: This talk will detail the results learned from the first
  year of activity of the HPP research study, developed by Raoul Chiesa,
  a security researcher, and Dr. Stefania Ducci, a criminological
  researcher at UNICRI (United Nations Interregional Crime and Justice
  Research Institute, ONU). The research project includes the
  dissemination of questionnaires, the installation of targeted Honeynet
  systems and the cross-linked analysis of computer intrusions and IT
  attacks. You will discover how many myths about the hackers and the
  so-called "security underground world" have been often misunderstood,
  giving to this world kind of a "black vision", taking away the
  attention from the really important psychological and technical issues
  of a reality in continuous development.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/9.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Raoul Chiesa":inva
 lid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:18@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T200000
DTEND;TZID=Europe/Berlin:20061014T210000
DURATION:PT1H
SUMMARY:WarTracking - Satellite Tracking, harvesting and security
DESCRIPTION: A spiced-up introduction into the world of satellite
  telecommunications. We'll begin at reception setup, explain the theory
  behind the technical part of satellite telecommunications and finally
  present the variety of signals flowing down from orbit to the
  receiver. Several hack-valued topics will be covered, such as "Be your
  own satellite broadcaster", fascinating data traffic, "Who else is
  listening?" and self-made receiving/transmitting gear. WarTracking, as
  derived from WarDriving and Satellite Tracking, is a traditional field
  of interest to the technically talented (aka nerd), though only few
  master the obstacles on the way to successful advanced satellite
  listening. Our journey will begin at the basics. We'll explain terms
  and definitions of WarTracking to assure an equalized level of
  understanding for the attending audience. As our journey proceeds the
  listeners will learn about satellite-orbit calculation / prediction
  for non-geosynchronous orbits and the technical requirements for
  reception of such satellites. We'll also stop by to revisit past
  noteworthy events such as live-military-war footage on non-suspicious
  commercial TV-transponders. A main part of this lecture will be the
  current situation "up there" including information on easy but
  fascinating catches for the beginning WarTracker. We'll shed a light
  on the often neglected commercial broadcast satellite transponders
  carrying fascinating payload. Then the audience will be taken one step
  further: "Ever wanted to be a satellite broadcaster heard around the
  world? - No Problem!". There are several ways for low budget *active*
  fun with satellites - some of them even are legal. ;) Rounding up the
  journey we'll also have a look at the commercial "WarTrackers" and the
  enormous efforts undertaken by them (Echelon, Satos). Finally we'll
  try to draw a picture of what the near and not so near future holds
  for us WarTrackers. Everything concluded by an open Q&A session with
  much space for in-depth discussions that will continue outside the
  lecture room.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/18.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Thomas B. Rücker"
 :invalid:nomail

ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Miguel Elias":inva
 lid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:6@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061015T130000
DTEND;TZID=Europe/Berlin:20061015T140000
DURATION:PT1H
SUMMARY:Web 2.0 creates a need for a more secure web?
DESCRIPTION: On the security implications of AJAX and how XForms may in
  fact be considerably more secure while offering many of the same
  benefits: JavaScript is not a problem that can be solved by
  encouraging good web programming. It is about deliberate malicious
  attacks using a powerful programming language that, by design,
  bypasses firewalls, virus-protection, and anything else you have in
  place to run on your computer - unannounced. If anything, AJAX only
  shows how powerful it is, because JavaScript's current use in 'Web
  2.0' websites was never foreseen by its creators. AJAX can be replaced
  by a safer way to create Web 2.0 applications - XForms. XForms, a
  dialect of XML, is precisely designed to allow the sort of
  asynchronous jiggery-pokery used in AJAX, and can be integrated with
  safe server side scripts to have the same effect.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/6.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Schnitz":invalid:n
 omail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:24@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061013T190000
DTEND;TZID=Europe/Berlin:20061013T200000
DURATION:PT1H
SUMMARY:WLAN Tracking Antenna and Hard Drive Security
DESCRIPTION: Welcome to our private labs, this presentation is
  segmented in two parts and based on our private experiments: The first
  one, on hard drive security, the main intention is to provide access
  methods to the "manufacturer area" inside all hard drives and a review
  of the software / hardware tools to grant access. These techniques
  make it possible to completely hide data from standard forensic tools.
  The second one was oriented in wifi-security, in fact, the main goal
  of this presentation is to learn how to make a home-built automatic
  tracking antenna for wifi or Bluetooth snipping.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/24.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Laurent Dupuy":inv
 alid:nomail

END:VEVENT

BEGIN:VEVENT
METHOD:PUBLISH
UID:8@0sec06@pentabarf.org
DTSTART;TZID=Europe/Berlin:20061014T170000
DTEND;TZID=Europe/Berlin:20061014T180000
DURATION:PT1H
SUMMARY:X.25 (in)security in year 2006 - Why, What, When, Who, How ? R
 eal life & field experiences analysis of an underestimated (and still 
 actual) security issue
DESCRIPTION: The presentation will focus on X.25 security issues,
  positioned in today's context and problems. The main intention is to
  bring personal and professional know-how, backgrounds and X.25
  penetration testing experiences to the auditorium, with real-life case
  studies. You will discover how an airplane flying over the Atlantic
  Ocean uses X.25 packet switching to communicate with the outside
  world, as well as why many government institutions around the world
  still use the reliable frame-relay X.25 networks.

CLASS:PUBLIC
STATUS:CONFIRMED
CATEGORY:Lecture
URL:http://0x736563.org/schedule/events/8.html

LOCATION:Talk


ATTENDEE;ROLE=REQ-PARTICIPANT;CUTYPE=INDIVIDUAL;CN="Raoul Chiesa":inva
 lid:nomail

END:VEVENT


END:VCALENDAR
