[ :: mainpage :: register :: conference :: training :: call for papers (CFP) :: the venue ]
[ :: capture the flag (CTF) :: press/media :: conference agenda :: contact us :: forum ]
[ :: sponsors :: past conferences :: conference kit (English) ]

Rodrigo Rubira Branco (Software Engineer, IBM)

Filed under: Main Page — Administrator @ 8:19 am

Presentation Title: Kernel Hacking - If I Really Know I Can Hack
Presentation Details:

This presentation intend to cover specifically the most necessary and more undocumented area of the computer security: attacks to the core of the systems (Kernel-level attacks—which can defeat the existing security models). As all we know, security systems generally runs with the kernel privilegies (like pax, lids, selinux and more others) and can be bypassed if the kernel itself has been compromised.

Attempts to protect the kernel mode (like canary protection into the kernel mode, introduced by Windows 2003 and pax-randkstack/noexec protections) exist, but are restrict in protecting the exploitation, not preventing the exploitation consequences. St. Michael is an open-source project, that covers Solaris and Linux (in the future, I plan to port it to NetBSD systems too) and try to offer a security integrity checks into that systems (it will check filesystem, kernel structures and MBR of the system against any attempt to change or any changes, and have the capability to recover the system or take it down).

During the presentation, many test-attacks will be used to explain how the StMichael actually works to defeat/detect attacks. Also, a sample will be showed, using StMichael and many others kernel security related tools (special focus into PAX).

About Rodrigo

Rodrigo Rubira Branco (BSDaemon) is a Software Engineer at IBM, member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC) Brazil also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is the maintainer of the StMichael/StJude projects (www.sf.net/projects/stjude), the developer of the SCMorphism (www.kernelhacking.com/rodrigo) and has talks at the most important security-related events in Brazil (H2HC, SSI, CNASI). Rodrigo is also a member of the Rise Research (www.risesecurity.org).

** Presenting with Domingo Montanaro



Event Organizer


Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By


UAE Telecommunications Regulatory Authority(TRA)


Malaysian Communications and Multimedia Commission (MCMC)


Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors


Gold Sponsors


Microsoft Corporation


HP Middle East

Official Airline Partner


Official Airline Partner for HITB Crew


CTF Sponsor


Scan Associates

CTF Prize Sponsor


Scan Associates

Official Media Partner


Official Publications



Our Speakers Are Supported By:


Telspace Systems

Telecom Security Task Force - TSTF.net

Mediaservice.net

F-Secure Corp

Mozilla Corporation

FMA-RMS (Singapore/Malaysia)

Official Hotel


Supporting Media:

InfoSec News

(ISN) InfoSec News

XAKEP

Xakep (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


ISECOM - Insititue for Security and Open Methodologies


IT Underground


X-Focus China

Zone-H Defacement Mirror


Xatrix Security