by RSS Ruchna Nigam  |  Mar 25, 2013  |  Filed in: Security Research

Insomni'hack 2013 took place last week at Geneva and I had the opportunity to attend.


DAY 1 consisted of one day workshops on subjects ranging from "Linux exploitation" to "How to make sure your Pentest Report is never empty".

I had the chance to attend a workshop on "Practical ARM exploitation" given by black Steve (@s7ephen) and white Steve (Stephen Lawler). We initially had trouble getting the Gumstix we were supposed to work on running due to the difference in voltage levels between the US and Europe (it's about time the world came to a consensus on this! Nuclear disarmament can wait.)

However, a couple of smoked adapters later, we managed to get the workshop going by working on images of the Gumstix run on QEMU.

The workshop started with basics of ARM, proceeded to practical exercises on stack overflow exploits using different gadgets, an example of a ROP exploit and ended with some theory on bypassing XN, ASLR protections, which will probably take me a month or more to assimilate.

**In short, the workshop gives you a feel of the 'gadgets' to look for in order to write your ARM exploits. We were also given the Gumstix to take home that I'm looking forward to exploring more. All in all, I'd say everything apart from the "blackhats" we were given at the end of the workshop could prove useful to me with my future work ;) **

Workshop Favour : Gumstix (Source: Low quality phone camera)

DAY 2 was presentation day.

The first presentation I attended was my own called "Guns and smoke to defeat mobile malware" which was originally authored by CryptoGirl. I received ambiguous reactions to my presentation ranging from "too technical"/"I was lost" to "meh! Been there, seen that". It mainly talked about some tips and tricks we've used over the past one odd year to analyze Android malware and to crack challenges. If you had some questions come up later, you're welcome to contact me at rnigam [at] fortinet [dot] com. The slides from the presentation can be found here.

The other presentations I attended that I found interesting were :

  • "Hacking phones with Near Field Communication" by Charlie Miller. The presentation basically explained some of the fuzzing experiments he did with some new NFC-capable phones. It also explained flaws with the implementation of NFC on the Android OS (Android Beam) that allow an attacker to get shell on a victim's phone. Overall, the presentation was interesting throughout with the various demos he made.

  • "Comment j'ai cr un ISP dans mon garage" by Franois Deppierraz & Nicolas Desir. The presentation talked about the different components that would go into creating your own ISP. Despite missing some of the jokes in French, I still found it interesting, mostly the various stages of experiments that went into their work such as photographs of their servers immersed in oil to save costs of coolants and the stages of evolution of the wired connections they used.

Unfortunately, I couldn't stay for the contest. Congratulations to pycured for having won!

by RSS Ruchna Nigam  |  Mar 25, 2013  |  Filed in: Security Research