Yesterday, I made a trip to Paris to attend the “Nuit du Hack 2010“. It was already the 7th edition. The event, organized between 16h and 7h, was split in two parts: a set of talks about security topics and, starting from midnight, a CTF contest. I had the chance to get one of the latest places. This year, there was 500 seats available! The event was organized on a boat in the center of Paris. Nice place!
Arrived just in time in Paris, bad surprise: a huge amount of people waiting to ride on the boat. It seemed that the organization was overloaded by the administrative tasks. Also, first time that I see this at a security conference: all bags were inspected by a security guard: All food and drink were not allowed on the boat. Strange procedure and hard for people who will perform a CTF contest the whole night long (we all need Club Mate or Redbull right?). Only the refreshments and food provided on the boat was allowed and limited in choice (we also need 0xCOFFEE!).
After a long waiting time, I was finally on board but missed the beginning of the first conference. From my point of view, 500 people on this boat was too much: two talks were scheduled in parallel and the rooms were full! Only a small projector per room. Extra displays could be helpful to read the slides in better conditions. But let’s put aside these practical considerations, the talks were interesting! I attended the following ones:
“La rÃ©vÃ©lation des failles de sÃ©curitÃ©, risques et enjeux” – I missed the first part but it was interesting for the audience composed of relatively “young people”. A lawyer and a forensics specialist explained the risks to perform illegal online activities or with software (disclosure of vulnerabilities). They explained how works the French justice with simple words. I wrote down an interesting information: In France, there are only 10 IT experts in forensics who can be mandated by judges!?
“GPGPU et ses implications sur la sÃ©curitÃ© des systÃ¨mes de chiffrement” by Lucas Fernandez. Lucas explained why it became very interesting to use GPU’s instead of CPU’s to perform some attacks like passwords cracking. GPU’s or “Graphics Processing Unit” are much more powerful than the regular CPU’s. Why not use their power in this case? He also presented some frameworks and tools developed to use the GPU power like OpenCL or Cuda. Luca’s presentation ended with a live demo of MD5 password cracking. It was impressive. Even if you use a strong password, it can be easily cracked in a few hours (and what’s a few hours today?)
“La sÃ©curitÃ© antivirale est un Ã©chec” by Stefan Le Berre. He demonstrated that an anti-virus, besides the commercial messages given by companies, does not fully protect you against attacks. It just reduces the surface attack but it remains vulnerable to other types of attack. As some components of the anti-virus run at ring “0” (the kernel – with full privileges), they can be abused due to vulnerabilities. Stefan disclosed some 0-days found on the most common commercial solutions. All major names were affected! Interesting tool to find vulnerabilities in Windows kernel drivers: ioctl_fuzzer.
“Cracking the Playstation 3” by GeoHot. Special guest for this edition! George made a one-hour presentation about his work about the iPhone and PS3 cracks. Very nice to listen to him!
“Xdbg, un dÃ©sassembleur et dÃ©bogueur open-source” by Christophe Devine. He presented his project (with the help of a developer) and explained why they started a brand new project from zero.Â The development started recently and looks already interesting. They are looking for volunteers, have a look here.
“Analyse avancÃ©e de la mÃ©moire physique de Mac OS X” by Matthieu Suiche. Again, Matthieu made the show with his well-known presentation about the forensics analyze of the MacOS memory. Impressive work!
“Stack Smashing Protector” by Paul Rascagneres – RootBSD. Finally, Paul presented a cool research about SSP. After an introduction about this principle implemented by GCC (very interesting for me, I’m not a developer), he explained how the SSP has been implemented in Linux and FreeBSD. And, of course, how to try to escape this mechanism 😉
Except the GeoHot’s presentation, all of them were in French. The audience was quite young (lot of students) and coming mainly from Paris. After the presentations, the CTF started until 7h. It was time for me to come back to Belgium! Cool event where I met friends (Marc, Paul, Christophe & the others)