Doorkeeper

Becks Japan #2

Thu, 25 Apr 2019 19:00 - 23:00

LINE Corporation Shinjuku Miraina Tower Office, LINE Cafe, 23th floor

Tokyo, Shinjuku-ku, Shinjuku 4-1-6 JR Miraina Tower 23rd floor

Register

Registration is closed

Get invited to future events

Free admission
Reception on 5th floor, please take escalators to 5th floor.

Description

Becks Japan #2

Second edition of Becks in Japan. Talks by @ninoseki, @binspecta (ramses), and @kkamagui1

Twitter Hashtag : #becks_jp

Featured talks (see below for details):

  1. How to become a phisherman by ninoseki (Manabu Niseki)
  2. Another one bites the apple! by ramses (JunHo Jang)
  3. Betrayal of Reputation: Trusting the Untrustable Hardware and Software with Reputation by kkamagui (Seunghun Han)

Schedule

  • 18:50 Open
  • 19:20 Welcoming words (10min)
  • 19:30 How to become a phisherman (30 min)
  • 20:00 Another one bites the apple! (40 min)
  • 20:40 Break (10 min)
  • 20:50 Betrayal of Reputation: Trusting the Untrustable Hardware and Software with Reputation (50 mins)
  • 21:40 Social event (with beers!)
  • 23:00 End

Talk details:

1. How to become a phisherman by ninoseki (Manabu Niseki)

  • Abstract: Phishing is an old technique but it is still active today. You should catch a phish for understanding how phishing works.
    In this talk I will provide methodologies for phishing kit hunting and a tool for that. My methodologies and the tool is based on OSINT so you can try it free!
  • Profile: ninoseki is a researcher who works in a CSIRT, an OSS contributor who focuses on infosec things.
  • Language: Japanese (with English translation)

2. Another one bites the apple! by ramses (JunHo Jang)

  • Abstract: OSX/iOS kernel has some attack surfaces from user space such as IOKit, system call, MIG(Mach Interface Generator) handler. Especially, MIG is XNU kernel's distinct feature from LINUX or UNIX.

    In this talk, I will introduce some methods related to finding vulnerabilities in XNU kernel's MIG handler, including:​

    • Analyzing the MIG handler in XNU kernel
    • Making a simple fuzzing framework through XNU kernel compile
    • Analyzing a kernel heap buffer overflow vulnerability (0-day)

    ​Lastly, I will talk about challenges in exploiting this vulnerability.

  • Profile: My role at LINE is to keep cryptocurrency exchange secure. For this, I do source code auditing, infra structure check, and security policies assessment.

    Also, I used to play CTFs as a member of a team named PLUS. ~10 years ago, our team got 3rd place in Defcon CTF. As a bug hunter, I'm very interested in finding bug from web browsers or apple products.

  • Language: English (with Japanese translation)

3. Betrayal of Reputation: Trusting the Untrustable Hardware and Software with Reputation by kkamagui (Seunghun Han)

  • Abstract: Reputation is based on trust and people normally believe the products produced by global companies like Intel, HP, Dell, Lenovo, GIGABYTE and ASUS because of their reputation. Their products are built with some kinds of hardware and software that are made by them or confirmed by them. Global companies have spent their efforts making and managing high-quality products for profit and reputation. So, trust based on reputation works properly. Despite their efforts, the complexity of hardware and software has been increasing. Because of it, it is hard to check the correctness and completeness of specifications and implementations related to their products.

    In this talk, I introduce the case that hardware and software, especially BIOS/UEFI firmware, Intel Trusted Execution Technology (TXT), and Trusted Platform Module (TPM), betrays your trust. Reputable companies defined specifications and implemented them. TPM with UEFI/BIOS firmware and Intel TXT has been widely used and responsible for the root of trust.

    I found two vulnerabilities, CVE-2017- 16837 and CVE-2018-6622, related to the sleep process. Unlike previous researches, the vulnerabilities can subvert the TPM without physical access. To mitigate the vulnerabilities, I also introduce countermeasures and a tool, "Napper", to check the vulnerabilities. Sleep process is a vital part of the vulnerabilities, so Napper makes your system take a nap and check them.

  • Profile: Seunghun Han is a hypervisor and an operating system security researcher at National Security Research Institute of South Korea and before that was a firmware engineer at Samsung Electronics. He is an expert in the hypervisor and had his own hypervisor, Shadow-box. He also had several CVEs on Linux kernel and BIOS/UEFI firmware, and he contributed patches to various system and security software.

    He was a speaker and an author at USENIX Security, Black Hat Asia, HITBSecConf, beVX, and KIMCHICON.

    He also authored the books, "64-bit multi-core OS principles and structure, volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN- 13: 978-8979148374)".

  • Language: English (with Japanese translation)

About this community

Becks

Becks

Beer and Hacks A community of hackers, security researchers, and anyone interested in security. (almost) Monthly meetups in Tokyo featuring top security researchers, practitioners, and beers from ...

Join community