For those of you who had been reading my Day 1, Day 2/Day 3, and Day 2 revisited stories about Black Hat Europe here on ZDNet, I'm sure you were wondering what happened to Day 4, the second day of conferences. Well, after a long delay, here it is! Basically, I got caught up with covering the details of the Pwn2Own competition from CanSecWest, which really caught my attention! Without further delays, on to the coverage:
Why is it that every time you get an early wake-up call while travelling it leads to a long day? Probably the lack of sleep due to the partying the night before!
In any case, Rob Carter and I had the first talk of the day for Day 4, which meant we had to be up early and ready to rock. The good thing for us is that we're comfortable with this talk at this point, since we've given it at Black Hat Tokyo and Black Hat Federal as well. The talk actually went really well, despite the early morning, and we had good audience participation as well, as we received several questions both during the talk and after. I found the Black Hat Europe audience to be very technical and to have some really great questions.
For those not familiar with our talk, I've uploaded a white paper and our presentation for download. It involves the use of cross-site scripting and other web application attack vectors to abuse registered URI/Protocol handlers leading to buffer overflows, format string flaws, null pointer dereference issues, command injections; you name it, we found it. If people are interested, I can do a separate article on the topic later, just drop a talkback or email to me and depending on the response we'll do that up.
Unfortunately, I had to miss Jarno Niemela's talk on "Mobile Phone Spying Tools", which I was really looking forward to, because he spoke at the same time as Rob and me. The next talk that came up that I watched was "DTRACE: The Reverse Engineer's Unexpected Swiss Army Knife", which was put on by Tiller Beauchamp and David Weston. This is a really great talk which I've already discussed in my coverage of Black Hat Federal, but it was worth seeing again. Tiller and David have created a plugin to DTrace that allows a vulnerability researcher far greater capability and efficiency when looking into flaws on the Mac operating system (it is believed this would also work with most *nix environments). Personally, as I've been looking into Mac flaws quite a bit lately, including the iPhoto format string flaw which has since been patched by Apple, this is a huge advantage.
At this point, I really needed a quick nap, so I skipped lunch and the next talk. I hated missing the talk, as it was by David Hulton (aka h1kari, the guy who runs ToorCon) and it is an excellent talk on "Intercepting Mobile Phone/GSM Traffic". Fortunately for me, I got to see it at Black Hat Federal, so to gain the extra sleep I was willing to miss the talk. For coverage on this particular talk, see my discussion of it from Black Hat Federal.
Feeling strong after my nap, I caught Billy Rios and Nitesh Dhanjani's talk, "Bad Sushi - Beating Phishers at Their Own Game", which is really an excellent talk. I believe that Nitesh and Billy are giving this talk again at RSA and possibly at Black Hat Vegas, so if you are heading to either of those conferences, I fully recommend catching it if you can. Billy and Nitesh discover phishing sites, then uncover phishing kits used by phishers. By looking into unique strings in some of these phishing kits, Rios and Nitesh were able to search for instances of these kits using Google. They uncovered very interesting things, such as:
- Phishers are actually phishing each other by poisoning the tool kits they deliver
- There is a whole ecosystem of identity theft, to which phishing is just one means of filling this demand
- Numerous sites are out there selling stolen identities like bulk candy
Seriously, this is probably the best talk I've EVER seen at any conference. Very entertaining, highly humorous, scary, infuriating... it hits on numerous levels.
The final talk I saw, "Investigating Individuals and Organizations Using Open Source Intelligence", by Roelof Temmingh and Chris Böhme, was a very interesting talk on the proliferation of personal and corporate information on the Internet and how this information can be used to create a profile of a group or organization. They actually included a live demo using the Maltego framework to collect and correlate this data, then analyze the data to discover useful results. They also used live examples to show how the lack of a true identity on the net, for example in social networks and email, can result in the creation of virtual communities. While this may not sound interesting right away, it truly is. Think of what you could do if you had a virtual community of people under your control... manipulate the stock market, politics, etc. Very interesting indeed... perhaps these virtual worlds are what's making the dollar so damned worthless in Europe.
All said and done, Black Hat was once again an awesome experience and Amsterdam was a beautiful place with a very open and interesting culture. Thanks to the Black Hat team and all the speakers and trainers for putting on such a good show, and thanks to the attendees and sponsors for making it all possible.