ekopartySecurityConference 2018 Sept. 26, 2018 to Sept. 28, 2018, Buenos Aires, Argentina

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
20 Years of Reverse-Engineering for the Sake of Emulation & Preservation Roberto Fresca A lot of inner technical things like forensics, reverse-engineering, disassembly, analysis, cracking, hacking, decryption, trojaning, ...
Knocking Down the Big Door (Breaking Authentication and Segregation of Production & Non-Production Environments) Nahuel Grisolía With more than 2000 enterprise customers and managing 1.5 billion logins every single day, Auth0 ...
How To Hack SD-WAN And Keep Your Sanity? Sergei Gordeichik Nowadays software designed networks, especially SD-WAN (software defined wide-area network) becomes “solution of choice” in ...
Old New Things: An Examination of the Philips TriMedia Architecture Nahuel Riva In today’s Intel/AMD and ARM controlled world, it’s always interesting, for a reverse engineer, to ...
Crafting PDF Readers with Floating Points Javier Aguinuga In this talk, it will be explained how to craft javascript objects from a OOBW ...
Out of the (v)Box Josué Rojas The highly used virtualization software such as Oracle VirtualBox, allows the isolated execution of different ...
Pwning Google Earth Fabián Cuchietti In this opportunity, we will use Google Earth as attacking vector through KMZ files. A ...
AFL, QBDI And KSE Are on a Boat... Gabrielle Viala The Windows kernel is a popular research topic. However, in its details, not all components ...
iOS JB: Present and Future Jonathan Levin The art of iOS Jailbreaking has evolved to meet and exceed Apple’s security defenses. But ...
The Unbearable Lightness of BMCs Matías Waisman Welcome to a data centre! A place where air conditioning never stops running, and the ...
I Forgot Your Password: Breaking Modern Password Recovery Systems Nahuel Doyhenard Designing a decently secure account recovery functionality, as well as a registration method is not ...
Remotely Attacking System Firmware Jesse Michael In recent years we have been witnessing a steady increase in security vulnerabilities in firmware. ...
PHP Object Injection Revival Claudio Salazar If you do some research about PHP Object Injections, you´ll find a great number of ...
Dynamic Callbacks for Persistence Xtr4nge It is focused on dynamic callbacks for re-establishing communication with C2 infrastructure and for achieving ...
Abusing Insecure WCF Endpoints Fabius Artrel Windows Communication Foundation (WCF) is a framework for building service-oriented applications using the .NET Framework. ...
Practical Web Cache Poisoning: Redefining "Unexploitable" James Kettle Modern web applications are composed from a crude patchwork of caches and content delivery networks. ...
MAME: +20 Years of Reverse-Engineering for the Sake of Emulation & Preservation Roberto Fresca A lot of inner technical things like forensics, reverse-engineering, disassembly, analysis, cracking, hacking, decryption, trojaning, ...
For the Love of Money: Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems Leigh-anne Yunusov These days it’s hard to find a business that doesn’t accept faster payments. Mobile Point ...
Don't Trust the NIC: Attacking Windows NDIS Drivers Enrique Elias Nissim Over the last decade, we’ve gone through a very large number of Windows kernel driver ...
Bricking or Implanting Servers: Not as Hard as You Think! Alex Michael In an age of cloud, containers, and serverless computing, it’s easy to forget that real ...
To Execute or Not to Execute. How to Build a Malware Execution Lab Maria García Running malware is an essential part to create defenses against such malware. It is only ...
ROP Chain Execution Detection Using Intel PT Diego Provinciani About Intel PTThe Intel Core iX processors incorporate a new technology called Intel Processor Trace. ...
NFC Payments: The Art of Relay and Replay Attacks Salvador Mendoza Over the past years, digital payment methods have gained an incredible rate of adoption in ...
Sleeping with the /*Enemy*/ Compiler: Software Vulnerabilities Caused by Optimizations Daniel Gutson There are some techniques to avoid vulnerabilities, such as zeroing buffers placed in the stack ...
Smart Contract Honeypots for Profit (and probably fun) Ben Schmidt Ethereum honeypot contracts combine the oldest of cons with the newest of tech. As it ...
MDM Me Maybe James Barclay Apple’s Device Enrollment Program (DEP) allows IT administrators to simplify Mobile Device Management (MDM) enrollment ...