Post on 06-May-2015
description
Computer Science, Hacking and Research:
For fun and profit@CompSci Festival, HKUST
Anthony LAIValkyrie-X Security Research Group
VXRL
Welcome, who am I?
Computer Science graduate in 1998.Not in {Dean List, First Honor}
Currently work on security research, penetration test, attack analysis and incident response
Speaking at DEFCON, HITCON, Blackhat...etc.
Found VXRL, which is a non-profit making security research organization; Invited by OGCIO to be a member of information Security advisory member.
Why do I set up this talk?
With the past 15 years after graduation, I wanna:Inspire you guys
Clear your misunderstanding over Computer Science
Convey ideas that faculty and your fellows cannot give you
Basically, I believe it is my duty to do it.
Agenda
Computer Science- Important and Useful Algorithm- Other “kungfu”?
Computer Security and Hacking- Fun? Profit?
Security Research- Why is it critical and interesting?
Part 1: Computer Science(10 minutes)
Computer Science
Why do we need computer science?
Computer science teaches you programming only?
Why do we need algorithm?
Why do you need to learn about it?
Top useful algorithm:
http://www.quora.com/Computer-Science/What-are-some-of-the-most-ingenious-algorithms-in-computer-science
Most Important Algorithm:http://www.koutschan.de/misc/algorithms.php
From MSR
Other Kungfu?Protocols
ProgrammingDatabase
Operating System FundamentalNetworking
Software Engineering and DesignCryptography
Pattern RecognitionData mining
Discrete MathsStatistics
Once you learn them all
What are their usage in security?
For example,Pattern recognitionData miningSearch algorithm
Security Area
For example
1. Encryption
2. Server Logs and Network Packets
- Identify threats and attack
- Identify network attack
3. Malicious Code and Executable (Malware)
Part 2: Hacking(30 minutes)
Security and Hacking
You need to understand various technical disciplines:
Operating SystemNetworkingCryptographyMemoryBinary structureProtocols
Be ethical, don't make offense
18
CTF (Capture The Flag for Fun and Profit)
19
What is CTF game?
You need to get the key for pointsChallenges include crypto, network, forensics,
binary/reverse engineering/exploitation, web hack and miscellaneous.
Top teams could enter final round of contestDEFCON, Plaid CTF, Codegate, Secuinside
are famous CTFs in the planet and we join every year.
20
Why do we enjoy to play?
Challenges are practicalNeed your knowledgeNeed your skillsUnderstanding vulnerabilitiesThinking like an attackerTrain you up to manipulate proper tools
21
HITCON CTF 2013
22
Our rank? Any rewards?
4th prize in HITCON CTF 2013 (19-20 July, Taipei)
23
Our world ranking
24
Sample Question (1)
Please read the following code, how can you solve it?
25
Sample Question (1)
Please read the following code, how can you solve it?
26
Question 1
There are a couple of things to note:
We must do the operations in reverse order since this is the inverse function.
The hex2bin function is only available in PHP >= 5.4.0. Had to resort to the documentation to find the alternative: pack ("H*", $str)
27
Okay, let us do some hack (10-15 minutes :)
www.overthewire.org Please click “Natas” It is a module to practice your Web hack. You could do it in group, I got prize for top 3
fellows. However, you need to understand:
HTTP protocol Web Application Common vulnerabilities of Web Application (Please
refer to OWASP Top 10 from www.owasp.org)
29
Pickle object serialization
30
Serialization
31
A Vulnerable Django
https://github.com/OrangeTW/Vulnerable-Django/
32
If the key leaks
We could generate our own cookie and sign it over.
33
We even could include command execution1. Generate and sign the new cookie with command execution
2. Replace the original cookie with our generated one.
34
Pwned :) (Simply input Guest, type in some
text in box and submit)
35
More than that, we could get the key from the server to change our command to read file instead ...
36
CTF fun and profit
The fun is to practice our security and “kungfu”
The profit is to earning knowledge, building trust and friendship.
Sometimes, we could get reward :)
Part 3: Research(10 minutes)
Research
Research is not limited to academia only
As UG, or even you don't enroll PhD program at this moment, you could even start it.
Someone do the research for career, some may do the research for “homework”, but I do it for “passion” and community.
My Research
http://scholar.google.com.hk/citations?user=YcjzoFkAAAAJ&hl=en
Research
Objectives:Current problem
Issue/Industry driven
Practical
Impact and Improvement
Novelty or/and incremental efforts
Security and Hacking Conference
http://en.wikipedia.org/wiki/Computer_security_conference
Realize the problems in both academia and industry.
Top Academic security conference (focus on practicality) Usenix (https://www.usenix.org/)
Reviewers and panelists come from both academic and industry sectors.
Security and Hacking Conference
Industry Conference DEFCON (www.defcon.org) Blackhat (www.blackhat.com) AVTokyo (www.avtokyo.org) Hack In Taiwan (www.hitcon.org) POC (http://www.powerofcommunity.net/) XCON (xcon.xfocus.net)
Cheer up!
I try to correlate computer science, security/hacking and research together in the past 50 minutes.
Remember to position yourself as a scientist. Reading others' paper (for example: Usenix) Pick your strength and favorite. Research could internationalize your capability
and talents. Enjoy computer science, hacking and research. :-)
Our VX Research
Malware and Target Attack Web Hacking Forensics Cryptography and Password Reverse Engineering, Exploitation and
Software Security Secret mission and operation :-)
Attack Map
Thank you for your listening
https://www.facebook.com/darkfloyd2 darkfloyd[at]vxrl.org