Reportage Nuit Du Hack 2010

Voila la nuit du hack à bien eu lieu à Paris au mouvement de la péniche bercé par les flots,j'ai donc pu rencontrer pas mal de webmaster de blog et de crackeur de tout.

J'ai pu assister à plusieurs conférences mais j'ai étais déçu par le manque d'organisation des organisateurs,car les salles étaient tellement pleine que je n'ai pas pu assister à tous. 

Planning des conférences

onférences	Autheurs	Synopsis	Slides
Unix Malwares	Julien REVERET	Most Unix users may think they're safe from threats such as viruses and malwares. This talk will prove them wrong, there are many different ways to infect a Unix system. A framework to create malware infected packages for unix platforms will be demonstrated.	Slides
Xeek	Emilien GIRAULT	XeeK is an XSS exploitation framework. It aims at poviding a modular and scalable tool to make exploit writing easier. It can trace zombi connections in real time, and let the attacker control the victims' browser. It allow arbitrary JavaScript code execution, spying on the user, XSRF, and bounce attacks. XeeK provides an API that enable it to be scripted and easily interfaced with other pentest tools. This project is still in development, and will be released under the GNU/GPL license during the event.	Slides
Antivirus Security is a failure	Stéfan LE BERRE	We often entrust the security of our operating system to anti-virus / firewalls. The question is "Is this a good thing?". We show rapid functional limitations related to anti-virus and firewalls. Even if these systems do not totaly protect us, they should not be a gateway for hackers. Unfortunately today the anti-virus are poorly tested before being put into production. It is a risk for users who paid for theirs protection. The talk will be focused on practical vulnerability research highlighing obvious security holes.	Slides
Embedded Security	George HOTZ	The PS3 has been considered unbreakable for 3 years, during which it has not been affected by piracy. On January 23th 2010, and after 5 weeks of research, George Hotz claimed on his blog: "I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3."In this conference, the author will explain security mechanisms enforced by Sony to protect the console, and how to bypass them.	Slides
Virtualisation and security	Emmanuel ISTACE	The purpose of this presentation is to give an overview about virtualisation security. Indeed, virtualisation is more and more present in current IT infrastructures, but is frequently misused. Our goal is not to make a demonstration of vulnerabilitiy exploitations, but rather to present the weak points of various virtualization technologies.	Keynote Slides PDF Slides
Advanced Mac OS X Physical Memory Analysis	Matthieu SUICHE	In 2008 and 2009, companies and governments interests for Microsoft Windows physical memory growled significantly. Now it is time to talk about Mac OS X. This talk will describe basis of Mac OS X Kernel Internals (and not a XNU kernel creation timeline) and how to retrieve various information like machine information, mounted file systems, processes listing and extraction and threads, kernel extensions listing and extraction and Rootkit detection.	Slides
Advanced lockpicking techniques	Cocolitos et Mr Jack	Lockpicking is the well-known art of lock-opening but many high-security locks cannot be open this way. This talk will present two particular lockpicking techniques (known as key-impression techniques) plus an innovative and exclusive high-security lock opening technique based on a specifically crafted tool.	Slides
GPGPU and its implications on security of encryption systems	Lucas FERNANDEZ	As video games graphics become more and more complex, graphics cards have turned to parallel computing, by multiplying their c units. Today these cards can be used in additional calculating CPU units. Thus, cryptography so dependent on the power of the machine for the encryption time, is offered new possibilities of bruteforcing with GPGPU technology.	Slides
Security vulnerabilities disclosure, challenges and risks	Jérome HENNECART et Raphael RAULT	Vulnerabilities disclosure is a critical element of computer security. The speakers will talk, with demonstration, about challenges and risks of computer security vulnerabilities disclosure.	Slides
Security vulnerabilities disclosure, challenges and risks II	Laurence FORAUD et Philipe JOLIOT	Vulnerabilities disclosure is a critical element of computer security. The speakers will talk, with demonstration, about challenges and risks of computer security vulnerabilities disclosure.	Slides
Evolution IT	Gael THEROND	At present, the oldest tool considered a computer is the Antikythera. The Greek Antikythera is an object discovered in 1901 during excavations underwater on a Roman wreck. There is very little time that we know exactly what use this tool. In fact one used in the study of astronomical phenomena, it was used especially to predict eclipses and other astronomical events so amazingly accurate for its time. Have mechanism is so precise and complex relation that the person who created this object has noted the operation on the object itself.	Slides Slides2
HZVault	Majinboo	The HZVault project aims at combining both mobility, flexibility and security. This project is largely inspired from Globull but do not have its software weakness and costs only the price of "mass market" storage. To increase the safety and the performance of solution, the project can be carried on Globul or Datalocker, which makes its force. The goal is to use the chip of crypto of these product to evolve to a global safety and better I/O performances. HZVault was entirely conceived with open source products and will be released under an open source licence.	Slides
xdbg, an open-source disassembler and debugger	Christophe DEVINE	Malicious code analysis requires efficient tools. However at the moment reversers mainly use proprietary and often very expensive tools (in particular IDA Pro, BinDiff, etc.). The goal of the xdbg project is thereforce to create an analysis tool licensed under the GPL, at first targeting the x86 platform. It aims to offer classic features for reverse-engineering and debugging assembly code.	Slides
Stack Smashing Protector	RootBSD	Since FreeBSD 8.0, the SSP is activated automatically when compiling the OS. This GCC option, originally developed by IBM, allows to add protection mechanisms regarding buffer overflows. This presentation will come with C sources and a memory study using GDB.	Slides

Merci aux organisateurs pour ce tableau des conférences

LES RENCONTRES

 XAVBOX

XavBox pro de la xbox et autre console est un gars simple qui se prends pas la tête ,il m'a bien reçu est n'hésite pas à faire partagé son savoir.

Pour toute info sur la xbox et autres consoles visiter son site

                        

                                          http://www.xavbox.com/

 

PEDROSTORE

Dans la même ligné que xavbox pedro est un gars très simple et très conviviale ,il est spécialisé dans les poses de puces et flashage de toutes consoles.Il a un magasin en ligne PEDROSTORE,j'ai pu vérifier son travail qui est de qualité et soigné.Si vous souhaitez faire posé une puce ou flasher vos consoles vous pouvez y aller les yeux fermé.

                                          NGTV                          

NetGaming est une webTV qui vous permet de suivre en direct (par le biais du streaming) des matchs ou des courses (tout dépend le jeu :p) commentés par des gens motivés et heureux de vous faire partager leur passion grâce à leur bonne humeur et commentaires avisés.

http://www.netgaming.tv/


                       korben                      


J'ai pu rencontré aussi le webmaster de korben,qui est un gars très sympa avec de bonne connaissance en informatique et volontaire aux partages.Son site traite de l'actualité informatique et vous retrouvez nombreux de ses articles sur mon blog.

Les photos de la soirée