DefCon27 2019 Aug. 8, 2019 to Aug. 11, 2019, Las Vegas, USA
Tell us about missing data
Tell us about missing data
| Title | Speakers | Summary | Topic Types |
|---|---|---|---|
| Exploiting Windows Exploit Mitigation for ROP Exploits | Omer Yair | “A concept is a brick. It can be used to build a courthouse of reason. ... | |
| Breaking Google Home: Exploit It with SQLite (Magellan) | Huiyu Wu , Wenxiang Qian , Yuxiang Li | Over the past years, our team has used several new approaches to identify multiple critical ... | |
| Are Quantum Computers Really A Threat To Cryptography? A Practical Overview Of Current State-Of-The-Art Techniques With Some Interesting Surprises | Andreas Baumhof | Shor's Algorithm for factoring integer numbers is the big threat to cryptography (RSA/ECC) as it ... | |
| Intro to Embedded Hacking—How you too can find a decade old bug in widely deployed devices. [REDACTED] Deskphones, a case study. | Philippe Laulheret | From small business to large enterprise, VOIP phones can be found on nearly every desk. ... | |
| Web2Own: Attacking Desktop Apps From Web Security's Perspective | Junyu Zhou , Ce Qin , Jianing Wang | People are always talking about binary vulnerabilities when attacking desktop applications. Memory corruptions are always ... | |
| DEF CON 101 Panel | Tottenkoph , Highwiz , Shaggy , Nikita , Will , N00bz , Secbarbie | The DEF CON 101 Panel is the place to go to learn about the many ... | |
| Behind the Scenes of the DEFCON 27 Badge | Joe Grand (kingpin) | Incorporating natural elements, complex fabrication techniques, and components rarely seen by the outside world, the ... | |
| Hacking Congress: The Enemy Of My Enemy Is My Friend | Jen Ellis , Cris Thomas , Former Harman , Rep. James Langevin , Rep. Ted Lieu | A SIMULATED crisis is unfolding on a national scale, based loosely on the NotPetya attack ... | |
| Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware† | Olivier Bilodeau , Masarah Paquet-clouston | This talk is the grand finale of a four-year long investigation that started with analyzing ... | |
| Duplicating Restricted Mechanical Keys | Bill Graydon , Robert Graydon | Secure facilities in North America use lock systems like Medeco, Abloy, Assa and Mul-T-Lock partly ... | |
| Don't Red-Team AI Like a Chump | Ariel Herbert-voss | AI needs no introduction as one of the most overhyped technical fields in the last ... | |
| The Tor Censorship Arms Race: The Next Chapter | Roger Dingledine | Tor is a free-software anonymizing network that helps people around the world use the Internet ... | |
| All the 4G Modules Could Be Hacked | Xiaohuihui , Ye Zhang , Zhenghuang | Nowadays more and more 4G modules are built into IoT devices around the world, such ... | |
| Evil eBPF In-Depth: Practical Abuses of an In-Kernel Bytecode Runtime | Jeff Dileo | eBPF (or "extended" Berkeley Packet Filter) is a bytecode instruction set and virtual machine used ... | |
| Process Injection Techniques—Gotta Catch Them All | Itzik Kotler , Amit Klein | When it comes to process injection in Windows, there are only 6-7 fundamental techniques, right? ... | |
| Phreaking Elevators | Willc | This is a comprehensive dive into the current emergency phones with an in-depth look at ... | |
| Infiltrating Corporate Intranet Like NSA _Pre-auth RCE on Leading SSL VPNs | Orange Tsai , Meh Chang | Computer security is now a public policy issue. Election security, blockchain, "going dark," the vulnerabilities ... | |
| API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web | Joshua Maddux | The 2016 WWDC saw the dawn of Apple Pay Web, an API that lets websites ... | |
| HackPac: Hacking Pointer Authentication in iOS User Space | Xiaolong Bai , Min (spark) Zheng | Pointer Authentication (in short, PAuth) is the latest security mechanism in iOS. It is proposed ... | |
| HVACking: Understand the Difference Between Security and Reality! | Douglas Mckee , Mark Bereza | Like most modern devices, building controllers have increasingly become network connected, exposing them to a ... | |
| No Mas—How One Side-Channel Flaw Opens Atm, Pharmacies and Government Secrets Up to Attack | Phar | Hacking ‘high security’ electronic locks has become a bit of a hobby, but what if ... | |
| More Keys Than A Piano: Finding Secrets In Publicly Exposed Ebs Volumes | Xben "benmap" Morris | Did you know that Elastic Block Storage (Amazon EBS) has a "public" mode that makes ... | |
| Harnessing Weapons of Mac Destruction | Patrick Wardle | Whenever a new Mac malware specimen is uncovered, it provides a unique insight into the ... | |
| Are Your Child's Records at Risk? The Current State of School Infosec | Bill Demirkapi | From credit reporting agencies to hotel enterprises, major data breaches happen daily. However, when was ... | |
| How Deep Learning Is Revolutionizing Side-Channel Cryptanalysis | Elie Bursztein , Jean Michel Picod | This talk explores how AI is revolutionizing hardware side-channel attacks and what this new wave ... | |
| Practical Key Search Attacks Against Modern Symmetric Ciphers | Daniel "ufurnace" Crowley , Daniel Pagan | In theory, brute force key recovery attacks against modern ciphers like AES should be impractical ... | |
| MOSE: Using Configuration Management for Evil | Jayson Grace | Configuration Management (CM) tools are used to provision systems in a uniform manner. CM servers ... | |
| Change the World, cDc Style: Cow tips from the first 35 years | Joseph Menn , Deth Vegetable , Peiter Mudge Zatko , Chris Dildog Rioux , Omega | The Cult of the Dead Cow changed the culture of the entire security industry, the ... | |
| 100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans | Ang Cui , Jatin Kataria , Rick Housley | First commercially introduced in 2013, Cisco Trust Anchor module(TAm) is a proprietary hardware security module ... | |
| Relaying Credentials Has Never Been Easier: How to Easily Bypass the Latest NTLM Relay Mitigations | Marina Simakov , Yaron Zinar | Active Directory has always been a popular target for attackers, with a constant rise in ... | |
| Please Inject Me, a x64 Code Injection | Alon Weinberg | Malware authors are always looking for new ways to achieve code injection, thereby allowing them ... | |
| I Know What You Did Last Summer: 3 Years of Wireless Monitoring at DEF CON | D4rkm4tter (mike Spicer) | For the past 3 years d4rkm4tter has been obsessed with monitoring the wireless networks at ... | |
| Surveillance Detection Scout—Your Lookout on Autopilot | Truman Kain | Surveillance detection routes are a daily occurrence for clandestine operatives and agents all over the ... | |
| The JOP ROCKET: A Supremely Wicked Tool for JOP Gadget Discovery, or What to Do If ROP Is Too Easy | Dr. Bramwell Brizendine , Dr. Joshua Stroschien | Return-oriented Programming (ROP) has been the predominate code-reuse attack for over a decade, but there ... | |
| Poking the S in SD cards | Nicolas Oberli | Ever wonder why the S in SD cards stands for Secure? Well, it turns out ... | |
| Can You Track Me Now? Why The Phone Companies Are Such A Privacy Disaster | U.s. Wyden | Amidst the current public outcry about privacy abuses by corporate america, one sector has received ... | |
| Breaking The Back End! It Is Not Always A Bug. Sometimes, It Is Just Bad Design! | Gregory Pickett | Reverse engineering is critical to exploitation. However, going through the process of reverse engineering can ... | |
| Re: What's up Johnny?—Covert Content Attacks on Email End-to-End Encryption | Jens Müller | HTTP requests are traditionally viewed as isolated, standalone entities. In this session, I'll introduce techniques ... | |
| D0 N0 H4RM: A Healthcare Security Conversation | Billy Rios , Jay Radcliffe , Christian "quaddi" Dameff , Jeff Md , Suzanne Schwartz Md , Marie Moe Phd | Technology’s promise flows within medicine like blood through veins. With every drip of life-saving medicine ... | |
| Panel: DEF CON Groups | Jayson E. Street , April C. Wright , S0ups , Brent B1tk1ll3r , Darington , Tim Roberts (byt3boy) , Casey Bourbonnais | N/A | |
| Weaponizing Hypervisors to Fight and Beat Car and Medical Devices Attacks | Ali Islam , Dan Regalado (danux) | Historically, hypervisors have existed in the cloud for efficient utilization of resources, space, and money. ... | |
| Rise of the Hypebots: Scripting Streetwear | Finalphoenix | Buying Supreme is even harder when most of your competitors are AI. The era of ... | |
| Information Security in the Public Interest | Bruce Schneier | Computer security is now a public policy issue. Election security, blockchain, "going dark," the vulnerabilities ... | |
| EDR Is Coming; Hide Yo Sh!t | Michael Leibowitz , Topher Timzen | There’s a new, largely unaddressed threat in the security industry today, Endpoint Detection and Response ... | |
| Your Car is My Car | Jmaxxz | For many of us, our cars are one of the largest purchases we will ever ... | |
| HAKC THE POLICE | Bill Swearingen | PULL OVER!No, it is a cardigan, but thanks for noticing! After getting a nasty speeding ... | |
| Hacking Your Thoughts—Batman Forever meets Black Mirror | Katherine Pratt/gattakat | Mobile app hacking peaked in 2015 with tools like keychain-dumper & ssl-kill-switch released but requiring ... | |
| Meticulously Modern Mobile Manipulations | Leon Jacobs | Mobile app hacking peaked in 2015 with tools like keychain-dumper & ssl-kill-switch released but requiring ... | |
| How You Can Buy AT&T, T-Mobile, and Sprint Real-Time Location Data on the Black Market | Joseph Cox | Major US telecommunications companies AT&T, T-Mobile, and Sprint have been quietly selling access to their ... | |
| Defeating Bluetooth Low Energy 5 PRNG for Fun and Jamming | Damien Cauquil (virtualabs) | Bluetooth Low energy version 5 has been published in late 2016, but we still have ... | |
| Why You Should Fear Your "mundane" Office Equipment | Daniel Romero , Mario Rivas | The security of common enterprise infrastructure devices such as desktops and laptops has advanced over ... | |
| Zombie Ant Farm: Practical Tips for Playing Hide and Seek with Linux EDRs | Dimitry Snezhkov | EDR solutions have landed in Linux. With the ever increasing footprint of Linux machines deployed ... | |
| GSM: We Can Hear Everyone Now! | Campbell Murray , Eoin Buckley , James Kulikowski | The presentation demonstrates that the security of the A5/1 and A5/3 ciphers used to protect ... | |
| Tag-side attacks against NFC | Christopher Wade | This talk covers tag-side attacks against NFC communication protocols, including cracking of Mifare encryption keys ... | |
| SSO Wars: The Token Menace | Oleksandr Mirosh , Alvaro Muòoz | It is the year 2019. Humanity has almost won its long-standing war against Single-Sign On ... | |
| SELECT code_execution FROM * USING SQLite;—Gaining code execution using a malicious SQLite database | Omer Gull | Everyone knows that databases are the crown jewels from a hacker's point of view, but ... | |
| I'm on your phone, listening—Attacking VoIP Configuration Interfaces | Stephan Huber , Philipp Roskosch | If toasters talking to fridges is no joke to you, then you are aware of ... | |
| Zero bugs found? Hold my Beer AFL! How To Improve Coverage-Guided Fuzzing and Find New 0days in Tough Targets | Maksim Shudrak | Fuzzing remains to be the most effective technique for bugs hunting in memory-unsafe programs. Last ... | |
| Next Generation Process Emulation with Binee | Kyle Gwinnup , John Holowczak | The capability to emulate x86 and other architectures has been around for some time. Malware ... | |
| Get Off the Kernel if You Canít Drive | Mickey Shkatov , Jesse Michael | For software to communicate with hardware, it needs to talk to a kernel-mode driver that ... | |
| Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss | G Richter | “5G is coming” (apparently). That probably means, over the next few years, more and more ... | |
| State of DNS Rebinding—Attack & Prevention Techniques and the Singularity of Origin | Gerald Doussot , Roger Meyer | Do you want to know how you can exploit DNS rebinding 10x faster, bypass prevention ... | |
| .NET Malware Threats: Internals And Reversing | Alexandre B | .NET malware is well-known by security analysts, but even existing many tools such as dnSpy,.NET ... | |
| Reverse Engineering 17+ Cars in Less Than 10 Minutes | Brent Stone | Brent provides a live demonstration reversing engineering 17 or more unknown passenger vehicle CAN networks ... | |
| Confessions of an Nespresso Money Mule: Free Stuff & Triangulation Fraud | Nina Kollars , Kitty Hegemon | In 2018 I somewhat innocently bought very expensive coffee (Nespresso capsules) online from Ebay. What ... | |
| Vacuum Cleaning SecurityóPinky and the Brain Edition | Clou (fabian Ullrich) , Jiska | Data collected by vacuum cleaning robot sensors is highly privacy-sensitive, as it includes details and ... | |
| Unpacking Pkgs: A Look Inside Macos Installer Packages And Common Security Flaws | Andy Grant | We are hackers, we won't do as you expect or play by your rules, and ... | |
| Go NULL Yourself or: How I Learned to Start Worrying While Getting Fined for Otherís Auto Infractions | Droogie | Input sanitization issues will always exist, although it’s surprising at how we’re still seeing amateur ... | |
| Apache Solr Injection | Michael Stepankin | Apache Solr is a search platform used by many enterprise companies to add a full ... | |
| We Hacked Twitter... And the World Lost Their Sh*t Over It! | Mike Godfrey , Matthew Carr | In December 2018 INSINIA Security was involved in one of the biggest hacking stories of ... | |
| Backdooring Hardware Devices By Injecting Malicious Payloads On Microcontrollers | Sheila Ayelen Berta | Is targeting microcontrollers worth the effort? Nowadays, they are responsible for controlling a wide range ... | |
| Adventures In Smart Buttplug Penetration (testing) | Smea | Analysts believe there are currently on the order of 10 billions Internet of Things (IoT) ... | |
| Hacking WebAssembly Games with Binary Instrumentation | Jack Baker | WebAssembly is the newest way to play video games in your web browser. Both Unity3d ... | |
| Your Secret Files Are Mine: Bug Finding And Exploit Techniques On File Transfer App Of All Top Android Vendors | Huiming Liu , Xiangqian Zhang | Nearby sharing apps are very convenient and fast when you want to transfer files and ... | |
| The ABC of Next-Gen Shellcoding | Hadrien Barral , Rèmi Gèraud-stewart , Georges-axel Jaloyan | Shellcodes are short executable stubs that are used in various attack scenarios, whenever code execution ... | |
| SDR Against Smart TVs: URL and Channel Injection Attacks | Pedro Cabrera Camara | Software-defined-radio has revolutionized the state of the art in IoT security and especially one of ... | |
| Exploiting Qualcomm WLAN and Modem Over The Air | Peter Pi , Xiling Gong | In this talk, we will share our research in which we successfully exploit Qualcomm WLAN ... | |
| Say Cheese—How I Ransomwared Your DSLR Camera | Eyal Itkin | It's a nice sunny day on your vacation, the views are stunning, and like on ... | |
| I'm In Your Cloud... Pwning Your Azure Environement | Dirk-jan Mollema | After having compromised on-premise for many years, there is now also the cloud! Now your ... | |
| Malproxying: Leave Your Malware at Home | Hila Cohen , Amit Waisel | During a classic cyber attack, one of the major offensive goals is to execute code ... | |
| HTTP Desync Attacks: Smashing into the Cell Next Door | Albinowax | HTTP requests are traditionally viewed as isolated, standalone entities. In this session, I'll introduce techniques ... | |
| Help Me, Vulnerabilities. You're My Only Hope | Jacob Baines | MikroTik routers keep getting owned. They’ve been exploited by advanced threats like VPNFilter, Slingshot APT, ... | |
| [ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1 | Elliott Thompson | Your browser thinks my 192.168.1.1 is the same as your 192.168.1.1. Using a novel combination ... | |
| Sound Effects: Exploring Acoustic Cyber-weapons | Matt Wixey | While recent research has explored the capability of attacks to cause harm by targeting devices ... | |
| Owning The Cloud Through Server-Side Request Forgery | Ben Sadeghipour , Cody Brocious (daeken) | Today's systems sandbox code through traditional techniques: memory protection and user-kernel mode. Even high-security devices ... | |
| Want Strong Isolation? Just Reset Your Processor | Anish Athalye | DARPA’s Grand Cyber Challenge foretold an ominous future stricken with machines exploiting our code and ... | |
| Firmware Slap: Automating Discovery of Exploitable Vulnerabilities in Firmware | Christopher Roberts | DARPA’s Grand Cyber Challenge foretold an ominous future stricken with machines exploiting our code and ... | |
| Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks | Brad Dixon | Athletes are competing in virtual cycling by riding real bikes on stationary trainers which power ... | |
| The Ether Wars: Exploits, counter-exploits and honeypots on Ethereum | Bernhard Mueller , Daniel Luca | Ethereum smart contracts are Turing-complete programs that mediate transfers of money. It doesn't come as ... |