

Ekoparty Wrap Up


Posted by Pedram Amini

Ekoparty 2009 is all wrapped up and everyone had a great time. The venue was spectacular: an open, split-level warehouse which comfortably held the 500 researchers who attended this boutique con in Buenos Aires, Argentina. The talks were held in the theater upstairs, in both English and Spanish via real-time translation. The downstairs area housed the various sponsors and a slew of interesting competitions. CORE Security created a really fun 3-level simulated hardware reverse engineering challenge via the Ruckingenur Editor. Immunity had their NOP certification test. TOOOL had a lock picking competition. There was a fun CTF where teams had to hack into faux bank websites and steal money from each other's accounts. Finally, my team had the DRINC challenge (see the previous blog announcement), where we intentionally exposed 17 bugs across various components for contestants to discover in exchange for drink tickets and a grand prize.

We had over 40 entrants participate in our challenge, and over the course of the 2 days we ran the contest a handful of them discovered almost all of the exposed issues. At the end of the competition we were pleased to announce Gera from CORE Security as the grand prize winner and recipient of our TippingPoint Kick-Ass trophy, a Zero Day Initiative laptop messenger bag and a bottle of Dom Perignon champagne.

[Photo: Gera accepting his reward with the TippingPoint team]

The following is a list of the various DRINC components and the discoverers of each of the exposed bugs.

AwesomeX.ocx
  1. No entries
  2. No entries

DRINCryptionSuite.zip
  1. Gera (CORE Security)
  2. Gera (CORE Security)

EkoFriendlyServer.exe
  1. Esteban Hernan, Costantino Leandro
  2. Costantino Leandro, Esteban

LogAnalyzer.exe
  1. Charlie Miller, Victor from Hauttech Group
  2. Charlie Miller, Victor from Hauttech Group

NetworkScriptingEngine.py
  1. Esteban Facundo, Agustin, Costantino Leandro, Gera (CORE Security)

SecureLoggingServer.exe
  1. Gera (CORE Security)
  2. Gera (CORE Security)
  3. No entries
  4. No entries

TSRTVideoCodec.dll
  1. Sergio Alvarez
  2. No entries

Web30Server.exe
  1. Costantino Leandro
  2. Gera (CORE Security)
  3. Gera (CORE Security), Esteban (not part of the contest)

The third bug discovered by both Gera and Esteban was not actually among the list of purposefully planted bugs, but rather a directory traversal issue in the underlying mongoose web server that we modified for the purposes of the contest. A bug report has been opened with the mongoose developers.

The TippingPoint DRINC contest is now available for download, both as a Windows MSI installer, which will properly install the various components, and as a standalone archive. We are going to hold off on posting the solutions for now. However, if you want to see them, simply drop one of us an e-mail and we'll shoot it over to you. If you e-mail us a find before we post the solutions, we will add your name to the above list of discoverers. Here are some hints we shared with contestants that should help you get started:

- Don't bother fuzzing the AwesomeX ActiveX control; there is a mechanism to prevent it.
- On the LogAnalyzer, the values 0x3 and 0x10 should save you some time.
- Be sure to look at the sample AVI provided when you are working on the video codec.
- Here is an IDAPython script for Web30Server that will add symbols to your IDB.

Here are some not-so-great-quality cell phone camera pictures we took at the event:

- The DRINC contest grand prize
- Zoom up on the Kick-Ass trophy
- The audience during my talk
- Cody and Cameron working with Charlie Miller on the DRINC contest
- Gera and I catching up before my talk
- The WOPR (yes, from War Games) from the speaker stage

There was a professional photographer at the event as well; we look forward to seeing those pictures when they are released.
All in all everyone from my team had a great time at Ekoparty and we look forward to attending again next year. -pedram
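The unplanned find above was a directory traversal in the contest's web server. The check below is an added example of how a server keeps a request path inside its document root; it is not mongoose's code, not the contest bug, and not a description of how that bug worked. The document root `/srv/www/htdocs` and the sample request URIs are constructed for the illustration, and nothing on disk is read.

```python
import posixpath
from urllib.parse import unquote

# Constructed document root for the illustration; nothing on disk is read.
DOCROOT = "/srv/www/htdocs"


def resolve_request_path(uri, docroot=DOCROOT):
    """Map a request URI to a filesystem path under docroot.

    Returns the resolved path, or None when the request must be refused
    because it escapes docroot or contains a NUL byte.
    """
    # Strip the query string, then percent-decode exactly once.  Decoding a
    # second time is a classic bypass (%252e%252e -> %2e%2e -> ..), so a path
    # that still contains %2e after one decode is treated as a literal file
    # name, which is what the filesystem would see.
    path = unquote(uri.split("?", 1)[0])

    # A NUL byte truncates C strings: a native server would open a different
    # file from the one it checked.  Refuse outright.
    if "\x00" in path:
        return None

    # Treat backslashes as separators so "..\\" cannot slip past a check
    # that only understands "/".
    path = path.replace("\\", "/")

    # Naive join followed by lexical normalisation: this is the step where
    # "../" segments take effect, exactly as they would on the filesystem.
    root = posixpath.normpath(docroot)
    candidate = posixpath.normpath(root + "/" + path)

    # Containment: the candidate must be the root itself or live below it.
    # The trailing "/" matters: "/srv/www/htdocs2" starts with
    # "/srv/www/htdocs" but is not inside it.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


def audit(uris, docroot=DOCROOT):
    """Return {uri: resolved path or None} for a batch of request URIs."""
    return {u: resolve_request_path(u, docroot) for u in uris}


if __name__ == "__main__":
    # Constructed sample requests covering the common traversal encodings.
    SAMPLES = [
        "/index.html",
        "/static/../index.html",
        "/../../etc/passwd",
        "/%2e%2e/%2e%2e/%2e%2e/etc/passwd",
        "/..\\..\\windows\\win.ini",
        "/../htdocs2/secret",
        "/index.html%00.jpg",
        "/%252e%252e/etc/passwd",
    ]
    for uri, resolved in audit(SAMPLES).items():
        print(f"{uri!r:40} -> {resolved}")
```

The check is purely lexical: it catches `..` segments in any of the encodings above, but not a symlink inside the document root that points outside it. A server that also follows symlinks needs a second check on the real path after opening the file.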




