Tickets

  • BSidesBUD Pass for Individuals
    12 500 HUF

    This ticket type is valid only for individuals. The invoices will be issued just for them, companies cannot purchase this type of ticket.
  • BSidesBUD Pass for Companies
    25 000 HUF

    By purchasing this type, you will receive a VAT invoice for your ticket in your company’s name and address after we have received the payment.
  • BSidesBUD VIP Pass
    55 000 HUF

    By buying the BSidesBUD VIP pass you are supporting the conference and you will be able to enjoy the VIP catering during BSidesBUD2019 along with the speakers and staff members.

Program

  • Conference Hall – First Part
    07:45 - 08:30
    Registration
    08:30 - 08:35
    Attila Marosi-Bauer - Opening Ceremony
    08:35 - 09:15
    Rakhim Davletkaliyev - How Will Cryptography Survive the Rise of Quantum Computing?
    The most widely used cryptography today is based upon a handful of ideas from number theory. The key to the security of most communications in the world lies in the sheer scale of the computation required to break codes. But some quantum algorithms will definitely reduce the computation time from billions of years to a few hours, rendering modern cryptography useless. How will cryptography survive the rise of quantum computing? Or is there nothing to worry about?
    09:20 - 09:40
    Barnabás Sztán-Kovács - FRIDA, the "Hooker"
    FRIDA is a bad girl who can do nasty things - not only is she a hooker, but also an expert at manipulating and eavesdropping. In other words, FRIDA is a superb customizable dynamic instrumentation toolkit which can attach to processes and inject code, and even detach without crashing them. It can be used for reverse engineering, hooking and monitoring function calls, and can also be used as a special malware analysis tool. This talk will tap into these cases a bit further and give a glance at the capabilities of FRIDA and the possibilities it offers.
    09:45 - 10:25
    Tobias Schrödel - Social Networks are Social Weapons
    Tobias will talk about Social Networks from two aspects: a) how do they know so much about us, even though we don't give them all this information? There will be an example of what happens when you upload a picture to a social network: what information can be extracted and where this leads us. b) fake news - some examples and how to identify them.
    10:25 - 10:45
    Coffee break (20 mins)
    10:45 - 11:25
    Philipp Krenn - Scale Your Auditing Events
    The Linux Audit daemon is responsible for writing audit records to the disk, which you can then access with ausearch and aureport. However, it turned out that parsing and centralizing these records is not as easy as you would hope. Elastic's new Auditbeat fixes this by keeping the original configuration but shipping the records to a centralized location where you can easily visualize all events. You can also use Auditbeat to detect changes to critical files, like binaries and configuration files, and identify potential security policy violations. This talk shows you what you can do to discover changes, events, and potential security breaches as soon as possible on interactive dashboards. Additionally, we are combining Auditd events with security-relevant logs.
    11:30 - 12:10
    Zsombor Kovács - How to be a Pentester?
    TBA
    12:15 - 12:55
    Guillaume Lopes - Abusing Google Play Billing for Fun and Unlimited Credits!
    In 2017, the estimated global in-app purchase revenue was projected to exceed $37 billion. Just in the Google Play Store, for 2018, more than 200 000 apps are offering in-app purchases. However, the Google Play Billing API is vulnerable by design and allows an attacker to bypass the payment process. I analyzed several Android games and found that it is possible to bypass the payment process. This presentation will show real vulnerable applications (Fruit Ninja, Doodle Jump, etc.). The agenda of the presentation will be divided as follows:
    1. Google Play Billing presentation: presentation of the workflow and how it works. In addition, a focus will be put on the local validation of the process.
    2. Known vulnerabilities: review of the vulnerabilities found by Dominik Schürmann. Demonstration of why the fixes performed by Google are not enough and how it is still possible to bypass the payment process.
    3. Vulnerable applications: examples of vulnerable applications trying to protect the billing process (Doodle Jump, Snoopy Pop, Fruit Ninja, etc.) with different techniques (obfuscation, shared libraries, etc.). The presentation will focus on how the billing process is performed and how, by reverse engineering the application, it is still possible to bypass the payment process.
    4. Conclusion: sum up of the number of vulnerable applications. Comparison with other billing libraries (Amazon and Samsung).
    12:55 - 13:40
    Lunch break (45 mins)
    13:40 - 14:20
    Denis Makrushin - The Way from App to Brain: Attack Surfaces of Smart Medical Infrastructure
    The concept of “SCADA for humans” is central to the focus of modern medicine. The realization of systems that collect and process information about human body parameters builds on current infrastructure and technology implementations. In the case of some treatment procedures, data transferred via vulnerable medical networks and management software could be compromised, which could lead to an attacker being able to tamper with massive groups of patients at the same time. The goal of this talk is to present the results of offensive research on networks and online management software used in daily medical practice. We show not only typical entry points into medical infrastructure, but also highlight vulnerabilities in software popular with surgical teams that also permit attackers to access sensitive data and even affect treatment procedures.
  • Conference Hall – Second Part
    14:25 - 14:45
    Sándor Fehér - The Katz out of The Bag
    Mimikatz is a hacking tool which has shown up in all significant IT incidents of the last few years. We all know it, although fewer of us know how it really works. In my presentation I would like to share the Mimikatz story, how Benjamin Delpy kept developing it year by year, and how Microsoft's developers tried to harden the OS. I will show the working mechanisms of Windows' main protections and how Mimikatz bypasses them. I would also like to share my concept of how an enterprise defender can harden the environment in order to limit the efficiency of Mimikatz users in the network.
    14:50 - 15:30
    Julien Thomas - To Write or not to Write, that is the Question
    Though data leakage through cache folders is not a new topic, it has generally focused on Android stock apps and how to steal user credentials. In this talk, we will show how such a review can be extended to most of the apps installed on any device. We will show how, by "simply" checking the app cache, it is possible to:
    - infer app internal behavior and data format;
    - retrieve user PII assets from a leaked session token or simply directly from the cache itself;
    - retrieve / alter / delete user data;
    - alter user data before sharing with partners;
    - perform session replay due to a leaked session header or internal protocols.
    We will not reveal the names of the audited apps due to responsible disclosure policies. However, our work relies on research made on 100+ major apps and flaws discovered in more than 20 of them, which led us to various (responsible) disclosures.
    15:30 - 15:40
    Break (10 mins)
    15:40 - 16:20
    Dávid Török - Sustainability of the x86 Insecurity Model
    In today's ever-evolving cybersecurity landscape, some organizations are starting to get a grasp of their individual threat profiles and the associated attack surfaces that they have to invest time and effort in. Vulnerable software is a problem that we as an industry have been trying to deal with for a long time. There are no perfect solutions, but there are many smart people tackling the issues there; doing code audits or performing security assessments, dare I say penetration testing with an independent team or contractor, is something that is definitely on the radar of competent organizations. With some of the industry's leading minds on the effort, we've come to develop mitigations against entire classes of vulnerabilities via solutions such as pointer authentication, shadow stacks, control flow integrity (CFI) checks and the like. In this talk, I will tackle what I perceive to be the largest and least well understood attack surface there is in today's organizations: x86 platform security and out-of-band management systems such as Intel's Management Engine and AMD's Platform "Security" Processor.
    16:25 - 16:45
    Martin Vrachev - Precaution - Your Source… for Vulnerabilities
    Precaution is an open source GitHub app designed to increase the security of open source projects by automatically scanning new pull requests for security vulnerabilities. The analysis reports issues such as weak cryptography, potential issues in certificate handling, possible publication of secrets and passwords, and many others. Right now, we support scanning code in Python (using Bandit) and Go (using Gosec), but additional languages may be added in the future. In the talk I will present Precaution’s workflow: how it interacts with GitHub, the analysis of the code for security vulnerabilities, the way Precaution merges the output from multiple security linters, and how the results of the analysis are shown in the pull request itself on GitHub. I plan to record a short video of how to use Precaution.
    16:50 - 17:30
    Tamás Tokics - Return-Oriented-Exploitation on ARM
    The focus of my talk is to introduce Return-Oriented Programming (ROP) exploit techniques. The talk will also cover the basics of ARM exploit development for those who are unfamiliar with it. The presentation will cover the fundamentals of ARMv7 and ARMv8 registers and also some differences between the two architectures. I will talk about stack-based attacks and heap-based techniques such as Heap Feng Shui and Heap Spray. In the end I will show a demo with a pre-made vulnerable app.
    17:30 - 17:40
    Break (10 mins)
    17:40 - 18:20
    Dávid Schütz - OWASP Top 10 Like I’m Five - From a Bug Bounty Hunter's Perspective
    OWASP Top 10 is a list of the 10 most common types of web vulnerabilities found in web applications today, made by OWASP. Since it is such a widely used and referenced list among developers and hackers, people without web security experience could feel overwhelmed while trying to understand it, and may end up finding it complicated and confusing. My goal with this talk is to make ‘OWASP Top 10’ easily understandable for everyone, including developers and people getting started in web security, by using simple, real-world examples of the vulnerabilities, showing real disclosed bugs from bug bounty programs that paid out and explaining their impact on the company, and by using my experience from the bug bounty space and the way I managed to understand these vulnerabilities in the first place. The talk will not only focus on how to find these bugs, but will also try to help developers understand how to defend against these common vulnerabilities and write more secure code by understanding the way attackers think and try to exploit web applications.
    18:25 - 18:45
    Dr. Ferenc Leitold - Measuring the Unmeasurable - How to Estimate the Vulnerability of the Users?
    User behaviors endanger the operation of an organization much more than any technical vulnerability does. A lot of technical solutions exist against attacks using technical security holes. The technical part of IT security is well developed; however, dealing with the human factor is still in its infancy. In this presentation the possible methods for user behavior assessment are discussed. The presentation focuses on some useful observation possibilities for user behavior measurement. The input sources we can use can come from the workstation used by the particular user, from the network traffic and from the application logs, especially from protection logs. Using these input sources, a couple of very useful metrics can be defined for user classification as well. Once we can measure the level of user behavior, we can use it to improve IT security at the given organization.
    18:50 - 18:55
    Attila Marosi-Bauer - Closing Notes
  • Workshop Room
    08:35 - 10:35
    Guillaume Lopes & Davy Douhine - Mobile Hacking Workshop
    Guillaume Lopes (https://twitter.com/@Guillaume_Lopes) and Davy Douhine (https://twitter.com/ddouhine), senior pentesters, will share many techniques, tips and tricks to deliver a 100% “hands-on” training to pentesters, bug bounty researchers or just curious people. The goal is to introduce tools (Adb, Apktool, Jadx, Androguard, Cycript, Drozer, Frida, Hopper, Needle, MobSF, etc.) and techniques to help you work faster and more efficiently in the mobile ecosystem. This is the exact workshop that you would have liked to have before wasting your precious time trying and failing to assess the security of mobile applications.
    10:35 - 10:45
    Break (10 mins)
    10:45 - 12:45
    Éva Szilagyi & Dávid Szili - Elastic Stack for Security Monitoring in a Nutshell
    Elastic Stack is one of the most commonly used open source data analysis and management platforms today. It quickly became popular among security professionals too, and it is also the building block of many open source and commercial SIEMs. Elastic Stack is designed for speed and ease of use; it indexes data as it is ingested (write once read many, or "WORM", storage) and it is extremely scalable and powerful, making ad-hoc queries and real-time visualization very easy. The components in the Elastic Stack are designed to be used together, and releases are synchronized to simplify the installation and upgrade process. The stack consists of:
    - Beats, which is the platform for single-purpose data shippers;
    - Logstash, which is a server-side data processing pipeline that ingests data from multiple sources, transforms it, and then sends it to one or more outputs ("stash");
    - Elasticsearch, which is a distributed, RESTful search and analytics engine;
    - Kibana, which lets users visualize data with charts, graphs, and dashboards.
    During this two-hour workshop, we will see how to use Elastic Stack for security monitoring and cover the following topics:
    - Beats (filebeat, auditbeat, metricbeat, winlogbeat, etc.);
    - Logstash (input, filter, and output plugins, Grok, etc.);
    - Elasticsearch (cluster, node, index, shard, replica, mapping, search, aggregation, etc.);
    - Kibana (index patterns, discover, visualizations, dashboards, Timelion, Vega and Vega-Lite, etc.);
    - Elastic Stack Alerting and Security (X-Pack, ElastAlert, Search Guard, ReadonlyREST, etc.).
    Technical requirements for the workshop:
    - A laptop with at least 8 GB of RAM and 40-50 GB of free disk space;
    - VMware Workstation, VMware Fusion or VMware Player installed.
    12:45 - 12:55
    Break (10 mins)
    12:55 - 14:55
    Péter Balogh & Nándor Krácser - Detecting and Blocking Vulnerable Containers in Kubernetes
    We'd like to go into detail about how container image vulnerability scans work - with a focus on catching vulnerabilities at the point in time at which deployments are submitted into the cluster.
    14:55 - 15:05
    Break (10 mins)
    15:05 - 17:05
    Dávid Szili - Introduction to Osquery
    Maintaining real-time insight into the current state of your endpoint infrastructure is crucial. It is very important from an operational, continuous security monitoring, and incident response perspective. Created by Facebook in 2014, osquery is an open-source instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD operating systems. Osquery exposes the operating system as a relational database and allows you to write SQL queries to explore system data. The generic SQL tables represent running processes, loaded kernel modules, open network connections, browser plugins, hardware events, file hashes, etc. These SQL tables are implemented via an easy-to-extend API; several tables already exist and more are being written. The main advantage of osquery is that it allows you to use one platform for monitoring complex operating system state across an entire infrastructure. It has a high-performance and low-footprint distributed host monitoring daemon, osqueryd, and also an interactive query console, called osqueryi. During this two-hour workshop, we will learn about osquery's capabilities and cover the following topics:
    - Osquery basics (installation, osqueryi, osqueryd, osquery schema);
    - SQL refresher (SELECT, FROM, WHERE, LIKE, JOIN, etc.);
    - Osquery configuration (flagfile, packs, schedule, logging, file integrity monitoring, etc.);
    - Fleet management (Kolide Fleet, Doorman, SGT, etc.);
    - Osquery extensions.
    Technical requirements for the workshop:
    - A laptop with at least 8 GB of RAM and 40-50 GB of free disk space;
    - VMware Workstation, VMware Fusion or VMware Player installed.
    17:05 - 17:15
    Break (10 mins)
    17:15 - 19:15
    Mohammed B. M. Kamel - Introduction To Buffer Overflow Exploit
    This workshop introduces how buffer overflow vulnerabilities arise in programs and how they get exploited. Exploiting the behavior of a buffer overflow is a well-known security exploit. On many systems, the memory layout of a program, or the system as a whole, is well defined. By sending in data designed to cause a buffer overflow, it is possible to selectively overwrite data pertaining to the program's state, thereby causing behavior that was not intended by the original programmer. Although all programmers know the potential threat of buffer overflows in their programs, there are still a lot of buffer overflow-related threats in both new and old software, regardless of the number of fixes that have already been performed. The workshop will cover the basic principles of understanding buffer overflows, program loading and execution within memory, how to spot buffer overflow conditions and how exploits get constructed for these overflow conditions.

What is BSides?

Security BSides is the first grass-roots, DIY, open security conference in the world! It is a great combination of two event styles: structured anchor events and grass-roots geocentric events.

“ It is no failure to fall short of realizing all that we might dream.

The failure is to fall short of dreaming all that we might realize. ”

Dee Hock, Chairman Emeritus, Visa International

‘Security BSides is a community-driven framework for building events for and by participants in the information security community. It creates opportunities for individuals to present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction by participants. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. This is where conversations for the next-big-thing happen. The open platform gives community participants a rare opportunity to directly share ideas, insights, and develop longstanding trusted relationships with others in the community.’ Security BSides

You should come if…

… you’re a student who’s interested in IT security…

… you’re a student who wants to work in the field of IT security…

… you’re an IT professional who wants to build relationships with similar experts…

… you want to meet/talk/exchange experience with people who have similar interests…

… you are interested in the latest trends of IT security…

… you want to experience the international atmosphere of BSidesBUD…

Location

  • Address
  • Lurdy Konferencia- és
    Rendezvényközpont

    1097 Budapest,
    Könyves Kálmán krt. 12-14.
  • Email
  • [email protected]
