RomHack 2018 Program
22nd of September 2018
Attack and Defense: a team perspective on real-life scenarios
10:45 - 11:30
An adversarial approach to improve detection capabilities
Watch the Video | Download Slides
In this talk we will show an hybrid approach, Red / Blue Team, which allows improving detection and response capabilities using techniques, tactics, and procedures of known attackers; we will analyze how, starting from threat analysis and leveraging on integration and automation of attack and the defense Technologies, we can improve enterprise detection and response capabilities.
Language:
An adversarial approach to improve detection capabilities
Watch the Video | Download Slides
In this talk we will show an hybrid approach, Red / Blue Team, which allows improving detection and response capabilities using techniques, tactics, and procedures of known attackers; we will analyze how, starting from threat analysis and leveraging on integration and automation of attack and the defense Technologies, we can improve enterprise detection and response capabilities.
Language:
11:30 - 12:15
"whoami /priv" - show me your Windows privileges and I will lead you to SYSTEM
Watch the Video | Download Slides
On Windows systems, users can be given special privileges. Some of these, if appropriately abused can lead to elevation of privileges to become SYSTEM. In this talk, I will explain what the privileges and tokens are, how to get them, and based on their characteristics, identify some possible paths for privilege escalation.
Particular attention will be devoted to the privileges "SeImpersonate" and "SeAssignPrimary" which, combined with the "Rotten Potato" exploit and our subsequent research, have proved to be "Golden Privilege".
Language:
"whoami /priv" - show me your Windows privileges and I will lead you to SYSTEM
Watch the Video | Download Slides
On Windows systems, users can be given special privileges. Some of these, if appropriately abused can lead to elevation of privileges to become SYSTEM. In this talk, I will explain what the privileges and tokens are, how to get them, and based on their characteristics, identify some possible paths for privilege escalation.
Particular attention will be devoted to the privileges "SeImpersonate" and "SeAssignPrimary" which, combined with the "Rotten Potato" exploit and our subsequent research, have proved to be "Golden Privilege".
Language:
12:15 - 13:00
Windows RID Hijacking: Maintaining Access on Windows Machines
Watch the Video | Download Slides
The new persistence technique RID Hijacking, which affects all Windows versions, takes advantage of some security issues found on the authentication & authorization tasks executed by the Operating System.
It allows setting desired privileges to an existent account in a stealthy manner by modifying some security attributes.
To show its effectiveness, the attack will be demonstrated by using a module which was recently added by Rapid7 to their Metasploit Framework, and developed by the security researcher Sebastián Castro.
Language:
Windows RID Hijacking: Maintaining Access on Windows Machines
Watch the Video | Download Slides
The new persistence technique RID Hijacking, which affects all Windows versions, takes advantage of some security issues found on the authentication & authorization tasks executed by the Operating System.
It allows setting desired privileges to an existent account in a stealthy manner by modifying some security attributes.
To show its effectiveness, the attack will be demonstrated by using a module which was recently added by Rapid7 to their Metasploit Framework, and developed by the security researcher Sebastián Castro.
Language:
14:30 - 15:00
Zanshin Tech - Samurai in the digital age
Watch the Video | Download Slides
At the beginning of this talk we will watch a video about a group of teenagers using OSINT to deal with a hypothetical attacker reported to them by another teenager in distress.
The video provides us with the opportunity to introduce Zanshin Tech, which is the first martial art for the information age; the aim of Zanshin Tech is to teach anyone above the age of 11 to defend themselves on the internet by using technologies faster and more effectively than their assailants while at the same time, respecting the values of traditional martial arts.
Language:
Zanshin Tech - Samurai in the digital age
Watch the Video | Download Slides
At the beginning of this talk we will watch a video about a group of teenagers using OSINT to deal with a hypothetical attacker reported to them by another teenager in distress.
The video provides us with the opportunity to introduce Zanshin Tech, which is the first martial art for the information age; the aim of Zanshin Tech is to teach anyone above the age of 11 to defend themselves on the internet by using technologies faster and more effectively than their assailants while at the same time, respecting the values of traditional martial arts.
Language:
15:00 - 15:45
Human Users Detection: stop bots with Nginx
Watch the Video | Download Slides
Every day, websites and web applications receive many scans and attacks from botnets and script kiddies.
During this talk, we'll see how to make scanning, enumeration and exploit activities ineffective just by using Nginx and JavaScript.
We'll see also how "big vendors" uses this technique in order to intercept automatisms on their customers' websites and web applications.
Language:
Human Users Detection: stop bots with Nginx
Watch the Video | Download Slides
Every day, websites and web applications receive many scans and attacks from botnets and script kiddies.
During this talk, we'll see how to make scanning, enumeration and exploit activities ineffective just by using Nginx and JavaScript.
We'll see also how "big vendors" uses this technique in order to intercept automatisms on their customers' websites and web applications.
Language:
15:45 - 17:15
Live demo
Watch the Video | Download Slides | Code and commands
17:15 - 17:30
Final greetings
17:30
Stay with us
Live demo
Watch the Video | Download Slides | Code and commands
17:15 - 17:30
Final greetings
17:30
Stay with us
