This working area will check out latest strategies to utilize little-known or undocumented programs techniques in a house windows program

This working area will check out latest strategies to utilize little-known or undocumented programs techniques in a house windows program

Chuck Easttom

The focus would be on techniques that can be used to subvert the security on the system. For example api phone calls which can be used in manipulating the system and even in creating malware. There may even be coverage of essential SQL retained methods that can be used in the same manner, eg there is an undocumented stored procedure that may empty the System manager password.

Resources: push a computer with some version of Microsoft windows (actually on a VM is fine). A c++ compiler as well as a copy of artistic C#

Chuck Easttom Chuck has been in the that sector for over twenty five years, he has written 21 products, such as most on computer system security, forensics, and cryptography. Chuck has also written many data articles connected with cyber protection including a number of on spyware development tips. Mr Easttom is actually a frequent presenter at a lot of security occasions including presenting a workshop at DefCon 2016 but also: SecureWorld Dallas, SecureWorld Houston,ISC2 Security Congress, HakonAsia, protect Jordan, and many more. ‘” 2_Monday,,,Workshops,”Octavius 5″,”‘Subverting Privacy Exploitation Utilizing HTTP'”,’Eijah’,”‘

Eijah Founder, Demonsaw

The planet is now an extremely dangerous spot. Governing bodies and businesses spend vast sums of bucks yearly to produce new and modern development designed for one function: the exploitation of our personal marketing and sales communications. How performed we let this take place? And what exactly are we attending perform about any of it? Include we prepared to stay idly by and inhabit circumstances of anxiety while our freedom of speech is actually calmly terminated? Or perhaps is there one thing we can do to test the updates quo and rehearse our very own skill to protect all of our confidentiality while the privacy of people?

The Hypertext Transfer method (HTTP) was an application-layer protocol that’s the first step toward the present day websites. Initially developed by Tim Berners-Lee in 1989, HTTP continues to be typically the most popular process being used now. Among center skills of HTTP would be that it’s flexible adequate to transmit virtually any information. HTTP can be every-where – it’s used on desktops, cellular devices, as well as IoT. As a result of the common characteristics of HTTP, firewalls and proxies are designed automatically to permit this sort of site visitors through. Could HTTP be used to connect tightly while completely skipping network management procedures?

This workshop challenges the assumption that HTTP cannot promises privacy of information. It will introduce you to the HTTP method and demonstrate the way it could be used to deliver information safely. We will create command-line programs in C/C++ on Linux which will make use of HTTP to securely deliver information over the websites, while skipping firewall and proxy regulations. We are going to need some ciphers, hashes, and other cryptographic programs which happen to be element of open-source libraries. Whether you are a professional programmer, end up somewhat rusty and want a refresher training course, and on occasion even in the event that you’d never produced a protected program in C/C++ before; this working area is for your.

Please be aware this particular are a medium-level, technical workshop and needs that attendees have actually prior expertise in a minumum of one programming language, preferably C or C++. Deliver your laptop, a USB flash drive, along with your preferred C/C++ 11 compiler (>= gcc/g++ 4.9.2 or msvc 2015).

Prerequisites: Previous knowledge of at least one programming language is required. Past experience with C/C++ and cryptography is useful, not called for.

Eijah Eijah may be the founder of Demonsaw, a secure and private facts sharing program. The past 5 years he had been additionally an elderly Programmer at Rockstar Games in which the guy done large Theft Vehicle V. Eijah possess over 15 years of pc software developing also it protection experience. Their profession enjoys sealed a broad number of websites and mid-range technology, center security, and program design. Eijah has been a faculty member at numerous schools, possess discussed security and developing at DEF CON and tool Miami meetings, and holds a master’s degree in computers research. Eijah is an active member of the hacking people and is also an avid proponent of online independence. ‘” 2_saturday,,,Workshops,”Octavius 6″,”‘Industrial Control program safety 101 and 201′”,”‘Matthew E. Luallen, Nadav Erez ‘”,”‘