BlackHat Europe
 Pedram Amini (pedram) <pedram amini gmailcom> |
Thursday, March 27 2008 15:15.41 CDT |
Ero and I finished up our two day Reverse Engineering course yesterday and caught up on some much needed sleep after a few drinks at some local pubs. Got a chance to catch some of the talks today prior to flying out tomorrow morning to Barcelona for the weekend.
FX had a well researched talk on Cisco IOS forensics that I greatly enjoyed. It appears the boys over at SABRE/Recurity have put together a pretty robust Cisco core dump analyzer and to my surprise they have made it available for use free of charge:
http://cir.recurity-labs.com
The other event I really enjoyed today was the
Iron Chef challenge. Apparently they had one of these at the Vegas Black Hat show, I had no idea. Essentially 2 teams are presented with a target and given 45 minutes to audit it. Their results are judged at the end of the 45 minutes by the audience and a winner is chosen. The chosen target was JForum, a web forum written in Java. The audience is allowed to play along; Neither Java nor web apps are my forte but I was playing around on Ero's laptop for a few minutes and found a persistent script injection flaw. Nothing too exciting but the contestants didn't do much better coming up with only a few theoretical possibilities. All in all I really like the idea of this Iron Chef track. They should provide a little more time and do something with binary analysis, that could be fun.
There are some great talks lined up for tomorrow that unfortunately I will be missing. I was especially excited about the DTRACE talk but was unable to change my flight.
Comments
| Posted: Wednesday, December 31 1969 18:00.00 CST | |