From BruCON 2017
- 1 Cryptanalysis workshop: Breaking office encryption
- 2 Damn Vulnerable Webapp
- 3 Hardware Hacking Area: Learn To Make Cool Things With Microcontrollers!
- 4 Living with SELinux How to configure SELinux for your daily applications in CentOS/RHEL
- 5 Lockpicking 101
- 6 Malicious PDF analysis
- 7 RFID workshop
- 8 Seccubus workshop: Analyzing vulnerability assessment data the easy way
- 9 The Security Innovation Network - Cluster of Clusters
Cryptanalysis workshop: Breaking office encryption
by Eric Filiol
In this workshop, we propose to make people practice cryptanalysis of
the Office encryption (up to 2003) when using the strongest encryption mode (128-bit RC4).
The timetable is the following one:
- presentation of the techniques
- presentation of the cryptanalysis programs
Attendees to this workshop must come with their own laptop and an Office suite (up to Office 2003)
including at least Word and Excel.
All other programs will be given during the workshop.
Programming in C language is required.
Damn Vulnerable Webapp
by Ryan Dewhurst
Damn Vulnerable Web App (DVWA) is an Open Source PHP/MySQL web application that is vulnerable to the most common types of web application security bugs. It is an aid for security professionals to test their skills and tools in a legal and controlled environment, help developers to better understand the processes of securing web applications and aid teachers/students to teach and learn web application security in a classroom environment. (DVWA, 2010)
The DVWA project started in December 2008 and has steadily grown in popularity. It is now used by thousands of security professionals, students and teachers world wide. More recently it was featured at a well renowned hacker conference held in Washington D.C. called Shmoocon attended by over 1500 people from the Information Security community.
Hardware Hacking Area: Learn To Make Cool Things With Microcontrollers!
by Mitch Altman
Anyone can learn to solder and make cool things with microcontrollers!
Come to the Hardware Hacking Area any time during the conference and Mitch will teach you to solder and make any number of fun and intriguing open-source projects, that you can take home with you.
Turn off TVs in public places with TV-B-Gone, trip out to your brain waves with the Brain Machine, play games, LEDcubes, make art -- microcontrollers can do all this and more.
Mitch will have plenty of parts for fun and intriguing open-source projects, organized as simple kits that anyone can successfully complete and take home.
This is for all ages and skill levels.
Mitch can also help you with your projects.
So, come on by!
Refs: Cornfield Electronics ("maker faire" tab) Mitch Altman has taught thousands of people to solder at workshops he has given at hacker conferences, Maker Faires, hackerspaces, and schools all over the world.
Living with SELinux How to configure SELinux for your daily applications in CentOS/RHEL
by Toshaan Bharvani
Security Enhanced Linux, is disabled in most cases due to fact that most people do not take the time to understand how to work with SELinux. However security increases, by keeping SELinux on, as all applications are segregated therefore even if a intruder were to enter it would only affect that application. In RHEL, CentOS or Fedora most applications are predefined in SELinux and can be adjusted, however other applications can be added easily with the integrated tools, allowing you to run any custom application. The presentation explains what SELinux is, how it works, how to implement the predefined policies and how to create custom policies.
by Walter Belgers (TOOOL.nl)
The Open Organization of Lockpickers (TOOOL) was founded in Amsterdam. Meanwhile, we have groups in Eindhoven (Netherlands) and the USA as well. We regularly meet to practice lockpicking and discuss techniques used in locks. Every year, championships are being held in lockpicking, safe lock manipulation and impressioning.
Our knowledge about locks is also used to inform the general audience. This helps them in making informed decisions when buying locks. Also, we strive to have open communication with the lock industry and help them eliminate weaknesses in locks before they hit the market.
Toool will give a presentation and demonstration about the weaknesses and strengths of common locks. This will help visitors choose better and more secure locks for their homes or enterprises.
This will be followed by hands-on lockpicking by the attendees. Practice locks and lockpicking tools will be provided.
Toool was featured in a Dutch television program "Nova" where they warned about the dangers of bump keys. If you want to know how to mitigate this technique, come and visit us at Brucon.
Malicious PDF analysis
by Didier Stevens
This workshop will teach you the fundamentals you need to know to analyze (malicious) PDF documents. Didier Stevens will familiarize you with PDFiD and pdf-parser, two essential tools for PDF analysis he authored. The workshop is hands-on: bring your laptop, start the VM we provide you (VMware or VirtualBox) and you're ready to go! Contained in the Linux VM are the tools and PoC samples to do the exercises of the workshop. We start with a very simple, PoC malicious PDF file (you could even analyze this PoC file with Notepad or vi) to lay out the fundamentals, and then work through more complex examples.
Each attendee will receive a copy of a 20+ page PDF analysis document Didier Stevens authored. And yes, this document will be provided in the Portable Document Format, but hey, when you succesfully complete this workshop, you will know how to identify malicious PDF files ;-)
by Philippe Teuwen
Come with your laptop & tags
You'll get a bootable LiveCD and be able to borrow a RFID reader
The workshop will be a mix of presentation and hands-on
Intro about RFID readers for PC:
- Global architecture, chipset, connection (USB, serial...), drivers,...
- PC/SC: limits of manipulating RFID with contact-oriented standards, pseudo-ATR & pseudo-APDU
- Manipulating APDUs to talk to 13.56MHz RFID tags
- Challenge/Response authentication
- Read various tags... Come with your own tags as well!
- Libraries RFIDiot, LibNFC
- Applications ePassport Viewer, ...
And more demos, depending on available time
Seccubus workshop: Analyzing vulnerability assessment data the easy way
by Frank Breedijk
As part of his job as Security Engineer at Schuberg Philis, Frank Breedijk performs regular security scans. The repetitive nature of scanning the same customer infrastructure over and over again made him decide to look for a more automated approach. After building his first scanning scheduler he realized that it actually does not make sense to look at all findings every time they are reported. It would be much better to only investigate the deltas between the scans. The philosophy behind AutoNessus was born. In his workshop Frank will demonstrate Seccubus by making the attendees perform scans of a live demo environment and explain the inner workings of Seccubus and the philosophy behind it.
What is Seccubus?
Seccubus automates regular vulnerability scans and provides delta reporting. It effectively reduces the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
Anyone who has ever used Nessus or OpenVAS will be familiar with one of its biggest drawbacks. Nessus and OpenVAS are very valuable tools, but unfortunately also very noisy. The time needed to report on a single scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular scans of the same infrastructure.
How does it work?
Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI where findings can be easily marked as either real findings or non-issues. Non-issues get ignored until they change. This causes a dramatic reduction of the analysis time.
What will be in the talk?
The talk will be combined presentation and demonstration of the AutoNessus tool. While scanning a live demo environment Frank will discuss the following topics:
- The philosophy behind Seccubus
- The inner workings
- Seccubus in action
- Seccubus in real live
Everything about Seccubus and its philosophy.
This talk will give you real world knowledge. You will learn how to do more vulnerability scanning in less time and get more accurate results.
If scanning is part of you job, you should attend this talk. If scanning the same infrastructure more then once is part of your job, this is a must see talk!
The Security Innovation Network - Cluster of Clusters
by Ulrich Seldeslachts
The Security Innovation Network is a partnership of Europe's leading Security Associations. These national Security clusters have joined forces to form a transnational European Security cluster, aiming to facilitate sharing experiences, business and research opportunities and building of trust amongst the partners. The participating clusters will present their program and first results.
The Security Innovation Network has analyzed the Security market in Europe with on its key challenges, opportunities and evolutions in order to allow for a better coordinated action between companies across Europe to respond to those challenges. Participants will be able to evaluate and assess this analysis, and understand key challenges from their peers in other countries. The methodology will be demonstrated, and the outcome of the various specialized expert groups sessions will be recommended. A call for action is for the attendees to recognize some of this key learning and to join in the discussions. This session will focus on innovations to improve Cybersecurity and a call for actions on how to jointly address cyber attack issues.
The Security Innovation Network will identify some of the most apparent challenges and evolutions in the Security landscape in Europe and will call for companies and research institutions to work together on a transnational basis to determine innovative solutions. Based upon different STIG's (security innovation workshops), the different national associations in France, Germany, UK and Belgium have been bringing together expert companies in their respective domains. These experts identified some of the key challenges ahead and suggested for actions accordingly. Some actions will be leading to further international coordinated research actions, others will lead to joint development programs. Focus areas include electronic identities and access management, cloud computing and virtualization, pki and certification authorities, biometrics, European certification programs, challenges in data protection, convergence between physical and logical security, … The Security Innovation Network is supported by the European Regional Development Fund under the INTERREG IVb program, as a transnational collaboration in North-West Europe. The project is open for other national cluster initiatives, companies and academic experts to join. The initiative aims to reduce the fragmentation in the local markets, allow for a better international co-operation and establish trust relationships between expert companies across the borders.