[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: hitb cinema :: lock picking village :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Conference Materials: http://conference.hitb.org/hitbsecconf2007kl/materials/

Official Photos: http://photos.hitb.org

The Grugq (Independent Network Security Researcher)

Filed under: Main Page — Administrator @ 2:46 pm

Presentation Title: Meta Anti Forensics : The HASH Hacking Harness
Presentation Details:

For the last decade buffer overflows and memory corruption exploits have been the main focus of hacking tool development. The actual hacking environment has received little attention. Indeed, most hackers still hack directly within a vanilla shell, using their tools straight off the command line. No public tools have emerged to change the methodologies of the command line hacker.

This talk presents a new penetration testing assistance tool to bridge the gap between vanilla command line hacking and graphical exploit environments such as Impact and CANVAS. At its simplest this new tool provides programmatic control to normal shell interactions. Utilising this powerful building block, based on Python and incorporating Expect-like functionality, this tool enables numberous new capabilities for today’s systems security analyst. Several bundled modules exist, including:

* Anti forensic trace-free remote execution of scripts and binaries
* Inline safe file transfer (no more uuencode + cat!)
* Aliases for common post-login commands (e.g. ‘unset HISTFILE’)
* Sanity checks for $PATH and $LD_PRELOAD

The basic functionality is impressive in itself, and it can be easily extended via the plugin system.

About The Grugq

The Grugq is a domain expert consultant on VoIP security, digital forensic analysis and reverse engineering. The Grugq has spent 7 years working with all aspects of information security, from penetration testing to solutions and product development. The Grugq�s career has seen him working for financials, security consulting companies, start-ups and, most recently, founding his own information security company.

The Grugq�s information security expertise ranges from penetration testing and source code auditting, through to rootkit technologies and advanced digital forensic analysis and investigation. Since 2001 the Grugq has been involved in active Voice over IP security research, recently completing successful audits for major European and Asian telcos.

The Grugq�s domain expertise in VoIP security has seen him present at conferences, release advisories and complete assessments for national European and major Asian telcos. Additionally, he has developed strategic whitepapers for enterprise VoIP deployments. Based on his experiences with numerous audits, the Grugq has developed a VoIP security assessment tool suite to facilitate more accurate, effective and rapid VoIP centric penetration testing.



Event Organizer


Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By


Malaysian Communications and Multimedia Commission (MCMC)


Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors


Microsoft Corporation

Gold Sponsors


SCANIT ME LLC

Official Airline Partner


Internet Bandwidth Sponsor


Global Transit

CTF Sponsor


Scan Associates

CTF Prize Sponsor


Scan Associates

Sponsor for Zone-H/HITB Hacking Challenge


Ascendsys

HITB Cinema Sponsor


Avenuz Sdn. Bhd.

Official Creation Station


The Womb.com

Our Speakers are Supported By


F-Secure Corporation


Arbor Networks


Mediaservice.net


Bellua Asia Pacific


ERNW GmbH


Mozilla Corporation


Mu Security

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


Chaos Computer Club


ISECOM - Insititue for Security and Open Methodologies


ISACA


IT Underground


X-Focus China

Zone-H Defacement Mirror


Xatrix Security


Special Interest Group in Security & Information InteGrity Singapore


Syscan