Team RISC nullcon 2012 Jailbreak presentation

•

0 j'aime•172 vues

Raghu Nath

Technologie Formation

Aim

Find zero day in Joomla
( I'm-possible in 36 Hrs ;) )

Why Joomla/Gymla ?
● Challenge !
● Learn exploitation in complex

web applications
● IBM X-force paper on CMS

security.

How its generally
done ?
0 day vulnerability

Source code Fuzzing
Auditing

Know your enemy

If you know your enemies and know yourself, you will not be
imperiled in a hundred battles
-- Sun Tzu, the art of war

Source code
Auditing
● Identify vulnerable Functions
● Analyze the entry points

● Analyze Input Validations.

Fuzzing
● Find the entry points
● SQL Injection

● XSS

● CSRF

● Command Injection

● Click Jacking with Drag and drop

Tools used for Source
code auditing
● The mighty grep
● RIPS

● RATS

Tools used for Fuzzing

JBroFuzz
Burp Suite
WebScarab

References
● http://www.exploit-db.com/papers/15780/
● Burp Suite
● http://www.amazon.com/Fuzzing-Brute-Force-Vulnerability-Discovery/dp/0321

Thanks to ...

Omair, Amol Naik, Null team
and especially our Jailer

Contenu connexe

Similaire à Team RISC nullcon 2012 Jailbreak presentation

How to find Zero day vulnerabilities

Mohammed A. Imran

Using Guided Missiles in Drive-bys: Automatic Browser Fingerprinting and Expl...

egypt

12 tricks to avoid hackers breaks your CI / CD

Daniel Garcia (a.k.a cr0hn)

Decompiling Android

Godfrey Nolan

Columbus WordCamp 2015

Jason Packer

Tips for better CI on Android

Tomoaki Imai

Sonatype DevSecOps Leadership forum 2020

Daniel Garcia (a.k.a cr0hn)

NanoSec Conference 2019: Code Execution Analysis in Mobile Apps - Abdullah Jo...

Hafez Kamal

DEF CON 27 - JESSE MICHAEL - get off the kernel if you can't drive

Felipe Prado

Youtube: https://www.youtube.com/watch?v=SDg5FzTvyPM Since the malware come out，there is a fight between malware and AV. So more and more methods based on machine learning apply to detect malware. We will share how to detect polymorphic malware based on CNN，then we will introduce a method use generative adversarial network to generate adversarial malware examples to bypass machine learning based detection models. Zhuang Zhang, Bo Shi, Hangfeng Dong, from Tencent Yunding Lab(Tweet@YDLab9)

WEAPONS FOR DOG FIGHT：ADAPTING MALWARE TO ANTI-DETECTION BASED ON GAN - Zhuan...

GeekPwn Keen

Intrusion Techniques

Festival Software Livre

Talk from 4Developers '12 and PHP Barcelona '11 It’s fun to architect your application to handle millions of pageviews, but in reality that’s time where you could be adding features. We’ll examine some practical solutions for designing your platform to deal with increasing traffic and how to add those features on an incremental basis. This will take us through options for scaling the code and additional methods for scaling the infrastructure.

Sensible scaling

Rowan Merewood

When performance hits rock-bottom everybody (and their dog) is called upon and all of a sudden developers should have been responsible for last half a year or so and code with performance in mind (and deadlines, but that of course goes unsaid). So, here I'm talking about what can a dev do to meet those unreasonable demands) and what might he do anticipating them. Strictly JVM, mostly Sun Hotspot impl, but number of points can be used to other JVMs as wel

Jvm tuning in a rush! - Lviv JUG

Tomek Borek

Most Java software problems come from the little “broken windows” – a null pointer here or there. Sometimes, however, you find yourself in a nasty section of town, with the heap, stack, and permgen brutally fighting for memory. Threads in nasty knife fights over resources. Sometimes just plain freaky things – how did I wind up with 1.5GB of HashSet allocations? In this edition of CSI: Seattle Java Edition, we’ll look at the tools available to combat these nasty foes and even see some of them in action – we will blow up a lot of application servers and JVMs in the process, with graphic results.

Java Tools and Techniques for Solving Tricky Problem

Will Iverson

ISIS (Now OSIRIS) Lab at NYU Tandon school hosts weekly sessions for young hackers. They excelled at developing this talent. This week I gave a talk discussing where vulnerabilities occur, how people handle them as well as a deep dive into various technical aspects of the Application Binary Interface (ABI) for the XNU derived kernels. The deep dive also included covering the loading mechanisms for Mach-O though the kernel and DYLD. For the second part, I did a walk through which is recorded on youtube (https://www.youtube.com/watch?v=yg9svg9xE8g). It is about how we can use GCC to help you write assembly for your shellcode. It is especially useful for complex logic and for getting you bootstrapped on architectures you might not be familiar with. We use GCC to build up concise code for executing a system call. Just be aware that using GCC for this purpose will usually be enough to buildup ~90% of the work, you'd be responsible to shape it into something that meets all the requirements of your exploit. At the end, there is a challenge given. It is to build shellcode which downloads and loads a dylib into a process without touch disk. There is a template on github (https://github.com/nologic/shellcc) for downloading and loading from disk.

NYU Hacknight: iOS and OSX ABI

Mikhail Sosonkin

Javascript Security - Three main methods of defending your MEAN stack

Ran Bar-Zik

Java tuning on GNU/Linux for busy dev

Tomek Borek

https://speakerdeck.com/matenadasdi/frontend-automation-and-stability We all know that after a certain amount of code complexity it’s impossible to maintain everything with simple manual processes. Frontend development is in a new era and we all have to focus on stability and scalability in our huge JavaScript architecture. I will present you our plans at Ustream to keep up with continuous feature development, our testing layers and solutions for workflow automation.

Frontend automation and stability

Máté Nádasdi

Sandbox detection: leak, abuse, test - Hacktivity 2015

Zoltan Balazs

Rooted con 2020 - from the heaven to hell in the CI - CD

Daniel Garcia (a.k.a cr0hn)

Similaire à Team RISC nullcon 2012 Jailbreak presentation (20)

How to find Zero day vulnerabilities

Using Guided Missiles in Drive-bys: Automatic Browser Fingerprinting and Expl...

12 tricks to avoid hackers breaks your CI / CD

Decompiling Android

Columbus WordCamp 2015

Tips for better CI on Android

Sonatype DevSecOps Leadership forum 2020

NanoSec Conference 2019: Code Execution Analysis in Mobile Apps - Abdullah Jo...

DEF CON 27 - JESSE MICHAEL - get off the kernel if you can't drive

WEAPONS FOR DOG FIGHT：ADAPTING MALWARE TO ANTI-DETECTION BASED ON GAN - Zhuan...

Intrusion Techniques

Sensible scaling

Jvm tuning in a rush! - Lviv JUG

Java Tools and Techniques for Solving Tricky Problem

NYU Hacknight: iOS and OSX ABI

Javascript Security - Three main methods of defending your MEAN stack

Java tuning on GNU/Linux for busy dev

Frontend automation and stability

Sandbox detection: leak, abuse, test - Hacktivity 2015

Rooted con 2020 - from the heaven to hell in the CI - CD

Dernier

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Real Time Object Detection Using Open CV

Khem

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

The Raspberry Pi 5 was announced on October 2023. This new version of the popular embedded device comes with a new iteration of Broadcom’s VideoCore GPU platform, and was released with a fully open source driver stack, developed by Igalia. The presentation will discuss some of the major changes required to support this new Video Core iteration, the challenges we faced in the process and the solutions we provided in order to deliver conformant OpenGL ES and Vulkan drivers. The talk will also cover the next steps for the open source Raspberry Pi 5 graphics stack. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://eoss24.sched.com/event/1aBEx

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Igalia

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Explore 'The Codex of Business: Writing Software for Real-World Solutions,' a compelling SlideShare presentation that delves into digital transformation in healthcare. Discover through a detailed case study how Agile methodologies empower healthcare providers to develop, iterate, and refine digital solutions that address real-world challenges. Learn how strategic planning, user feedback, and continuous improvement drive success in deploying technologies that enhance patient care and operational efficiency. Ideal for healthcare professionals, IT specialists, and digital transformation advocates seeking actionable insights and practical examples of technology making a real difference.

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Malak Abu Hammad

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Choosing the right accounts payable services provider is a strategic decision that can significantly impact your business's financial performance and operational efficiency. By considering factors such as expertise, range of services, technology infrastructure, scalability, cost, and reputation, businesses can make informed decisions and select a provider that aligns with their unique needs and objectives. Partnering with the right provider can streamline accounts payable processes, drive cost savings, and position your business for long-term success. https://katprotech.com/accounts-payable-and-purchase-order-automation/

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Katpro Technologies

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

Dernier (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Automating Google Workspace (GWS) & more with Apps Script

Real Time Object Detection Using Open CV

A Year of the Servo Reboot: Where Are We Now?

How to Troubleshoot Apps for the Modern Connected Worker

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Powerful Google developer tools for immediate impact! (2023-24 C)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

08448380779 Call Girls In Civil Lines Women Seeking Men

[2024]Digital Global Overview Report 2024 Meltwater.pdf

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Artificial Intelligence: Facts and Myths

GenCyber Cyber Security Day Presentation

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Presentation on how to chat with PDF using ChatGPT code interpreter

Handwritten Text Recognition for manuscripts and early printed texts

Team RISC nullcon 2012 Jailbreak presentation

1. Team RISC

2. Our story of Jail break !

3. Aim Find zero day in Joomla ( I'm-possible in 36 Hrs ;) )

4. Eating only this ...

5. Why Joomla/Gymla ? ● Challenge ! ● Learn exploitation in complex web applications ● IBM X-force paper on CMS security.

6. Vulns in Drupal

7. Vulns in Wordpress

8. Vulns in Joomla

9. How its generally done ? 0 day vulnerability Source code Fuzzing Auditing

10. What we did ?

11. Methodology

12. Know your enemy If you know your enemies and know yourself, you will not be imperiled in a hundred battles -- Sun Tzu, the art of war

13. Set up the Attacking environment

14. Study the Joomla architecture

15. Components, modules, plugins

16. Source code Auditing ● Identify vulnerable Functions ● Analyze the entry points ● Analyze Input Validations.

17. The entry points

18. More ...

19. Few more ...

20. Exec call

21. RIPS output

22. Fuzzing ● Find the entry points ● SQL Injection ● XSS ● CSRF ● Command Injection ● Click Jacking with Drag and drop

23. JBroFuzz

24. Clickjacking

25. Tools used for Source code auditing ● The mighty grep ● RIPS ● RATS

26. Tools used for Fuzzing JBroFuzz Burp Suite WebScarab

27. References ● http://www.exploit-db.com/papers/15780/ ● Burp Suite ● http://www.amazon.com/Fuzzing-Brute-Force-Vulnerability-Discovery/dp/0321

28. Thanks to ... Omair, Amol Naik, Null team and especially our Jailer

29. Questions ? हैकर हैक्या ? हैकर

Team RISC nullcon 2012 Jailbreak presentation

Recommandé

Recommandé

Contenu connexe

Similaire à Team RISC nullcon 2012 Jailbreak presentation

Similaire à Team RISC nullcon 2012 Jailbreak presentation (20)

Dernier

Dernier (20)

Team RISC nullcon 2012 Jailbreak presentation