DEFCON Moscow 12



The 12th meeting will take place in the heart of the Russian antivirus industry
Kaspersky Lab, 21 April at 19:00 at: Leningrad highway, 39A, building 2.

During the opening of the spring season,
we want to bring together an active part of the audience that came out of winter
hibernation and decided to join in our big and friendly community.
At the meeting you will find a lot of useful information!

Also on the eve of Positive Hack Days, Oleg Kupreev will talk about Hardware Village
plans, where for two days,
visitors will be able to attend master classes and lectures of experienced hackers,
who will talk about their experiences.
For everybody will be available a lot of hacking hardware, on which you can not
only to look, but also to test. To register to the meeting, click the link.


Novikov Ivan - Key-Value injections.

Kirill Nesterov, Alexey Osipov - Adventures in the femto-world: 350 yuans of priceless fun.
There are researches about getting a control of the femtocells.
There is also a research that allows users to intercept calls and messages
after receiving such kind of control.
But all of these decisions are not flexible enough.
We are still attached to the operator.
We still have to connect to the VPN, then to the core network,
should bypass the geolocation bind and so on.
Maybe there's a much simpler solution?
Will we be able to gather the UMTS-of-the-box from readily accessible femtocells
without the need to connect to the operator? In fact - we already know the answer.
In this report, we will tell the whole story - from unpacking femtocells
to creating a working prototype
and interception of the data - and we'll prove the existence
of vulnerabilities in UMTS networks.

Michael Firstov - Vulnerabilities of client programs,
personal office and equipment YOTA

It will be a full story of how were found vulnerabilities and corrected in such
a major 4G operator like Yota.
Some part of this report was on ZN2015, but because of constraints of time it
was not possible to tell all the details.
In the same time it will be explained in detail, and even shows what and how
I hacked. From XSS in your account to local RCE through client software.

Vasily Davydov - The evolution of the exploit packs and new
methods of hiding them in on the web.

Modern exploit packs - are a very effective method of propagation of
malicious software that is used for targeted attacks,
as well as for the installation different kinds of
malicious software on computers of ordinary users.

As it happens, there are always vulnerabilities in software, the number
of vulnerabilities increases, the producers closing it are not always fast, users updated slowly,
and hackers have enough time and opportunity
for invisible exploitation of these vulnerabilities.

In the last year in the use of the exploit packs had been introduced a variety
of new technologies and "features" that enable very secretly infect computers of the victims.
The presentation will be about innovations, about what are doing writers
of the exploit packs to be unnoticed and to not disclose zeroday and exploits in use.

We will look at a few examples of the various the exploit packs,
we will show new and interesting things which are taking place on the battlefield:
we'll talk about techniques that malware writers use on the client side,
what data they get from the users, how they do not extradite themselfs,
as well as functional, which exists on the server side - the exploit is not given to everyone.
We'll see some examples of attempts to inject encryption on the go,
and we'll talk about the features of this year.

Place on Google Maps

News from the Xakep Magazine

Archives of all meetings DC7499 here.

Archives of our meetings are available on our website in English only,
to read them in Russian, visit the portal of our best friend Xakep Magazine.

All photos from our events are available in Flickr.

All global alert about the meetings DC7499 you can get on Twitter, Facebook, VK,
channel Telegram @DEFCON and chat @DC7499 (more than 1000 people).

Our group organizes meetings, so-called "villages",
look for more information on the websites Hardware Village and Lockpick Village.

Make your contributions to DC7499 knowledge base!

Listen DC7499 radio station.

Our mirrors defcon.moscow

DC7499[at]defcon.su

Our PGP key here.