Voila la nuit du hack à bien eu lieu à Paris au mouvement de la péniche bercé par les flots,j'ai donc pu rencontrer pas mal de webmaster de blog et de crackeur de tout.
J'ai pu assister à plusieurs conférences mais j'ai étais déçu par le manque d'organisation des organisateurs,car les salles étaient tellement pleine que je n'ai pas pu assister à tous.
Planning des conférences
onférences | Autheurs | Synopsis | Slides |
---|---|---|---|
Unix Malwares | Julien REVERET | Most Unix users may think they're safe from threats such as viruses and malwares. This talk will prove them wrong, there are many different ways to infect a Unix system. A framework to create malware infected packages for unix platforms will be demonstrated. | Slides |
Xeek | Emilien GIRAULT | XeeK is an XSS exploitation framework. It aims at poviding a modular and scalable tool to make exploit writing easier. It can trace zombi connections in real time, and let the attacker control the victims' browser. It allow arbitrary JavaScript code execution, spying on the user, XSRF, and bounce attacks. XeeK provides an API that enable it to be scripted and easily interfaced with other pentest tools. This project is still in development, and will be released under the GNU/GPL license during the event. | Slides |
Antivirus Security is a failure | Stéfan LE BERRE | We often entrust the security of our operating system to anti-virus / firewalls. The question is "Is this a good thing?". We show rapid functional limitations related to anti-virus and firewalls. Even if these systems do not totaly protect us, they should not be a gateway for hackers. Unfortunately today the anti-virus are poorly tested before being put into production. It is a risk for users who paid for theirs protection. The talk will be focused on practical vulnerability research highlighing obvious security holes. | Slides |
Embedded Security | George HOTZ | The PS3 has been considered unbreakable for 3 years, during which it has not been affected by piracy. On January 23th 2010, and after 5 weeks of research, George Hotz claimed on his blog: "I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3."In this conference, the author will explain security mechanisms enforced by Sony to protect the console, and how to bypass them. | Slides |
Virtualisation and security | Emmanuel ISTACE | The purpose of this presentation is to give an overview about virtualisation security. Indeed, virtualisation is more and more present in current IT infrastructures, but is frequently misused. Our goal is not to make a demonstration of vulnerabilitiy exploitations, but rather to present the weak points of various virtualization technologies. | Keynote Slides PDF Slides |
Advanced Mac OS X Physical Memory Analysis | Matthieu SUICHE | In 2008 and 2009, companies and governments interests for Microsoft Windows physical memory growled significantly. Now it is time to talk about Mac OS X. This talk will describe basis of Mac OS X Kernel Internals (and not a XNU kernel creation timeline) and how to retrieve various information like machine information, mounted file systems, processes listing and extraction and threads, kernel extensions listing and extraction and Rootkit detection. | Slides |
Advanced lockpicking techniques | Cocolitos et Mr Jack | Lockpicking is the well-known art of lock-opening but many high-security locks cannot be open this way. This talk will present two particular lockpicking techniques (known as key-impression techniques) plus an innovative and exclusive high-security lock opening technique based on a specifically crafted tool. | Slides |
GPGPU and its implications on security of encryption systems | Lucas FERNANDEZ | As video games graphics become more and more complex, graphics cards have turned to parallel computing, by multiplying their c units. Today these cards can be used in additional calculating CPU units. Thus, cryptography so dependent on the power of the machine for the encryption time, is offered new possibilities of bruteforcing with GPGPU technology. | Slides |
Security vulnerabilities disclosure, challenges and risks | Jérome HENNECART et Raphael RAULT | Vulnerabilities disclosure is a critical element of computer security. The speakers will talk, with demonstration, about challenges and risks of computer security vulnerabilities disclosure. | Slides |
Security vulnerabilities disclosure, challenges and risks II | Laurence FORAUD et Philipe JOLIOT | Vulnerabilities disclosure is a critical element of computer security. The speakers will talk, with demonstration, about challenges and risks of computer security vulnerabilities disclosure. | Slides |
Evolution IT | Gael THEROND | At present, the oldest tool considered a computer is the Antikythera. The Greek Antikythera is an object discovered in 1901 during excavations underwater on a Roman wreck. There is very little time that we know exactly what use this tool. In fact one used in the study of astronomical phenomena, it was used especially to predict eclipses and other astronomical events so amazingly accurate for its time. Have mechanism is so precise and complex relation that the person who created this object has noted the operation on the object itself. | Slides Slides2 |
HZVault | Majinboo | The HZVault project aims at combining both mobility, flexibility and security. This project is largely inspired from Globull but do not have its software weakness and costs only the price of "mass market" storage. To increase the safety and the performance of solution, the project can be carried on Globul or Datalocker, which makes its force. The goal is to use the chip of crypto of these product to evolve to a global safety and better I/O performances. HZVault was entirely conceived with open source products and will be released under an open source licence. | Slides |
xdbg, an open-source disassembler and debugger | Christophe DEVINE | Malicious code analysis requires efficient tools. However at the moment reversers mainly use proprietary and often very expensive tools (in particular IDA Pro, BinDiff, etc.). The goal of the xdbg project is thereforce to create an analysis tool licensed under the GPL, at first targeting the x86 platform. It aims to offer classic features for reverse-engineering and debugging assembly code. | Slides |
Stack Smashing Protector | RootBSD | Since FreeBSD 8.0, the SSP is activated automatically when compiling the OS. This GCC option, originally developed by IBM, allows to add protection mechanisms regarding buffer overflows. This presentation will come with C sources and a memory study using GDB. | Slides |
Merci aux organisateurs pour ce tableau des conférences
LES RENCONTRES
XAVBOX
PEDROSTORE
Dans la même ligné que xavbox pedro est un gars très simple et très conviviale ,il est spécialisé dans les poses de puces et flashage de toutes consoles.Il a un magasin en ligne PEDROSTORE,j'ai pu vérifier son travail qui est de qualité et soigné.Si vous souhaitez faire posé une puce ou flasher vos consoles vous pouvez y aller les yeux fermé.
NGTV
NetGaming est une webTV qui vous permet de suivre en direct (par le biais du streaming) des matchs ou des courses (tout dépend le jeu :p) commentés par des gens motivés et heureux de vous faire partager leur passion grâce à leur bonne humeur et commentaires avisés. |
http://www.netgaming.tv/
korben
J'ai pu rencontré aussi le webmaster de korben,qui est un gars très sympa avec de bonne connaissance en informatique et volontaire aux partages.Son site traite de l'actualité informatique et vous retrouvez nombreux de ses articles sur mon blog.
Les photos de la soirée
korben
J'ai pu rencontré aussi le webmaster de korben,qui est un gars très sympa avec de bonne connaissance en informatique et volontaire aux partages.Son site traite de l'actualité informatique et vous retrouvez nombreux de ses articles sur mon blog.
Les photos de la soirée
Etant organisés,nous te proposons de télécharger les slides des conférences ici => http://www.nuitduhack.com/slides2010-en-archives-nuit-du-hack.htm - En t'espérant une bonne compréhension
RépondreSupprimerFor hzv, ué mais vos slides ils parlent de wow et de ps3, pas sur qu'il comprenne :s
RépondreSupprimer