tag:blogger.com,1999:blog-3525897224044852702024-03-04T23:39:32.828-08:00The Hackers ConferenceUnknownnoreply@blogger.comBlogger4125tag:blogger.com,1999:blog-352589722404485270.post-81139998177366827732012-07-22T14:30:00.000-07:002012-07-22T14:30:21.766-07:00Aneesh Dogra will talk on "How to make a Linux ELF Virus" at THC2012<div dir="ltr" style="text-align: left;" trbidi="on"><div dir="ltr" style="text-align: left;" trbidi="on"><div style="text-align: justify;">17 years old hacker,Aneesh Dogra will talk on "<b><a href="http://www.thehackersconference.com/speakers.html">How to make a Linux ELF Virus (That works on your latest linux distribution)</a></b>" at 'The Hackers Conference 2012' . Linux or Unix has the reputation of being "not so buggy", and of being a good maintainer of system sanctity via good protection mechanisms.</div></div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">This talk will be focused on How to make a simple ELF virus in Linux. A virus is a program that infects other programs stored on permanent media. Usually this means to copy the executable code of the virus into another file. Other possible targets are boot sectors and programmable ROMs. </div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">The Executable and Linking Format (ELF) is meant to provide developers with a set of binary interface definitions that extend across multiple platforms. ELF is indeed used on several platforms, and is flexible enough to be manipulated creatively, as demonstrated by many. A virus could attach viral code to an ELF file, and re-route control-flow so as to include the viral code during execution.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Aneesh said,"<b><i>We'll be starting with a basic idea of a Prepernder and using that we'll create a Virus which actually works on your latest linux distribution. There will a demonstration showing how this virus infects different files on the system, and How it can be dangerous.</i></b>"</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Read More : <a href="http://thehackernews.com/2012/07/17-years-old-hacker-will-demonstrate.html" style="text-align: left;">http://thehackernews.com/2012/07/17-years-old-hacker-will-demonstrate.html</a></div></div>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-352589722404485270.post-88303978988137359852012-07-22T14:00:00.000-07:002012-07-22T14:00:53.288-07:00Iranian Researchers going to Demonstrate Cross Platform Malware at 'The Hackers Conference 2012'<div dir="ltr" style="text-align: left;" trbidi="on"><div style="text-align: justify;">On upcoming 29th July 2012 Security Researchers <b>Sina Hatef Matbue</b> and <b>Arash Shirkhorshidi</b> going to Present "<b><a href="http://www.thehackersconference.com/speakers.html">Graviton Malware</a></b>" , which is Cross Platform Malware in <b>'<a href="http://www.thehackersconference.com/">The Hackers Conference 2012</a>'</b> . The purpose of 'graviton' is to become an artificial creature which can move between world of windows, world of apples, and world of empire penguins, etc. and remain stealth.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">The Windows one sends the following information back to the remote attacker's CPU details, Disk details, Memory usage, OS version, and user name. The Trojan can also download a file and execute it, or open a shell to receive commands. 'Graviton' is a combination of pure 'C' and 'asm'. It detects if you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">The Hackers Conference 2012 is expected to be the first open gathering of Blackhat hackers in India who will debate latest security issues with the top itelligence echolons in India. The conference has sent special invites to Blackhat hackers to come and demonstrate their talent and help the security agencies bridge the knowledge gaps existing today.</div></div>Unknownnoreply@blogger.com4tag:blogger.com,1999:blog-352589722404485270.post-32948562274418058462012-07-05T12:07:00.005-07:002012-07-11T06:26:58.078-07:00THC 2012 Speaker List Announced<div dir="ltr" style="text-align: left;" trbidi="on"><div style="text-align: justify;">The complete list of <a href="http://www.thehackersconference.com/speakers.html">speakers</a> of <b><a href="http://www.thehackersconference.com/">The Hackers Conference 2012</a></b> has been announced. The organizing committee would like to thank everyone who submitted their proposals. Check it out, see if your favourites are speaking on THC platform.</div><div style="text-align: justify;"><br />
<div style="text-align: center;"><b>[--- SPEAKING LINE UP ---]</b></div><br />
<b>Speaker :</b> Sina Hatef Matbue, Farhad Miri, Arash Shirkhorshidi (ChallenGe Security Team, Iran)<br />
<b>Topic :</b> "GraVitoN: Cross Platform Malware"<br />
<b>Abstract :</b> The purpose of 'graviton' is to become a platform, a beautiful combination of simple and smart ideas.The purpose of 'graviton' is to become an artificial creature which can move between world of windows, world of apples, and world of emperor penguins, etc. and remain stealth! We believe as this project grows, security professionals will have a better and deeper understanding of how viruses, trojans, etc work, so they can fight and protect themselves against those, and they can even create 'white viruses', to spread and fight against malicious viruses, effectively. With graviton-creator you can compile and customize your graviton as virus, trojan or even worm. graviton project is hosted at savannah We will introduce the main idea of "self-exploitable codes", roadmap of "GraVitoN", during upcoming #THC2012.<br />
<br />
<b>Speaker :</b> Anurag Kumar Jain and Devendra Shanbhag (Tata Consultancy Services, India)<br />
<b>Topic :</b> "Mobile Application Security Risk and Remediation"<br />
<b>Abstract :</b> Mobile Application Development is at an all time high owing to widespread use of Smartphones and Tablets.However, when it comes to security of information in these applications, it is mostly non-existent or improperly implemented. These vulnerable applications open theroom for hackers to compromise them and steal sensitive information. This session would cover the major threats in a mobile environment, top security risks/vulnerabilities in mobile applications and their remediation.<br />
<br />
<b>Speaker :</b> Chris 'Ch' Russo (Calcium Information Security, Argentina)<br />
<b>Topic :</b> "Black Arts of Automated and Remote Exploitation"<br />
<b>Abstract :</b> This talk is about bundle exploit packs, also known as BEPs. The introduction will involve the first systems in the market, their evolution, their authors and their customers, plus a general screening about how these systems are used and how they work. This presentation shows and demonstrates the mechanisms, including passive and active detection systems, drive by download and drive by cache techniques, geolocation libraries implemented, Obfuscation and encryption techniques, and the selection on the fly of the most convenient exploit for each case. How this systems are used, for malware spreading such as botnets, PPI binaries and Rouge AVs, generating profits for their owners for more than $500 dollars daily. Motivation behind this work is to expose one of the most widely used and efficient infection vector that has been used during the last years. Overall, the audience should benefit by understanding the threats, risks and market behind the automated remote exploitation techniques and the entire economic system behind it. This talk will also allow the users to take preventive measures in order to stop these threats or reduce the risk associated with it.<br />
<br />
<b>Speaker :</b> Mahesh Rakheja (Independent Security Researchers, India)<br />
<b>Topic :</b> "Android Spy Agent"<br />
<b>Abstract :</b> - Android spy agent is the application purely based on android platform. This application allows us to remotely access the entire victim’s personal information and even though the confidential data available in the android cell phone. The type of personal information include the victim’s contacts, call logs, messages, browser’s history, GPS location and many more information directly available on the victim’s cell phone. This application can also allows the attacker to remotely delete the data available on the victim’s phone. In order to perfectly work this application you have to gain access to the victim’s android cell phone for at least 20 seconds. You have to install the application and then restart the cell phone. After restart your application get automatically starts on the victim’s cell phone. Now you can access the victim’s cells information for any normal cell phone and get the response on it. The android spy agent will be hidden in the victim’s cell phone and not allows the victim to easily uninstall or delete it from the cell<br />
<br />
<b>Speaker :</b> Dev Kar (Independent Security Researcher, XYsec - India)<br />
<b>Topic :</b> "Browser Kung-Fu"<br />
<b>Abstract :</b> Web browsers started off with a single process, single thread model. However, the web has evolved from being document-centric to becoming application-centric.This gives rise to problems of stability, performance and security.In this talk we will see different security issues associated with the modern day Web Browsers due to their Architectural Design and due to the advancement in technologies like HTML-5.We will also see the practical demonstration of a browser bug using which we will steal all the contacts in a users Google talkgadget profile.We will also discuss our latest bug finding in the WebKit Browser Engine at #THC2012.<br />
<br />
<b>Speaker :</b> Aditya Gupta and Subho Halder (Independent Security Researchers, India)<br />
<b>Topic :</b> "All your Droids belong to me : A look into Mobile Security in 2012"<br />
<b>Abstract :</b> Android is a fast-growing mobile device Operating System based on the Linux 2.6.x kernel. It has the most consumer market share in smartphones and tablets, more than even the IPhone and Symbian. The talk is about Android Malwares, Botnets and all the crazy stuff you have been hearing in the past. We will give an inside view on how the black hat underground uses this, to earn 5-6 digit income per month . For this, We will start off with creating an Android Malware, and then will gradually move on to the Botnet Part.<br />
<br />
<br />
<b>Speaker :</b> Aneesh Dogra aka Lionaneesh (Programmer and A Security Enthusiast, India)<br />
<b>Topic :</b> "How to make a Linux ELF Virus (That works on your latest linux distribution)"<br />
<b>Abstract :</b> The Presentation is about How make a Linux ELF virus that works on your Latest linux Distribution. We'll be looking at the ELF headers and How the virus works plus I'll also be demonstrating how the virus works and even running it on my System.<br />
<br />
<br />
</div><div style="text-align: justify;">The conference will take place on 29th July 2012. Be sure , you have <a href="http://www.thehackersconference.com/ticket.html"><b>Registered your THC ticket</b></a> to attend it.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">For more information please visit <a href="http://www.thehackersconference.com/" style="text-align: left;">http://www.thehackersconference.com/</a></div></div>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-352589722404485270.post-68576806223741137382012-07-05T10:50:00.000-07:002012-07-05T10:50:07.095-07:00'The Hackers Conference 2012' to be held in New Delhi<div dir="ltr" style="text-align: left;" trbidi="on"><div style="text-align: justify;">The Biggest Hacking Mania has arrived <b>The Hackers Conference 2012</b> will be held in <b>New Delhi</b> on July 29. <b>THC 2012</b> is expected to be the first open gathering of Blackhat hackers in India who will debate latest security issues with the top itelligence echolons in India. The Registrations and Call for papers for the conference are now open. The organizers have deicded to keep the number of seats to limited to ensure quality of the conference. The conference will be held at the India Habitat Center on July 29th.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">The Hackers Conference will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from Speakers presenting on WI-FI and Web Application Security the Special invitees from government Intelligence agencies will also speak on National Security Issues emerging from Scada Hacking.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">The conference has sent special invites to Blackhat hackers to come and demonstrate their talent and help the security agencies bridge the knowledge gaps existing today.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">To Register visit : <a href="http://www.thehackersconference.com/">TheHackersConference</a> and Join Hackers on <a href="http://facebook.com/thehackersconference">Facebook</a> and <a href="https://twitter.com/#!/hackers_conf">Twitter</a>.</div></div>Unknownnoreply@blogger.com0