30/06/202310:00 > 10:15Kernel Panic!🇫🇷MajinbooPsychoBilly Zone 1 - Gaston Berger conference stage Phear not, take a seat, welcome to leHACK, the oldest and wildest french
hacking conference. Read More ...30/06/202310:15 > 11:00Project Memoria and OT:ICEFALL : Finding and Exploiting
Vulnerabilities in OT networks🇫🇷Simon Guiot Zone 1 - Gaston Berger conference stage In this talk, we will discuss two large vulnerability research projects we
did in the past few years and how they come together in the form of sophisticated OT/ICS
attacks. Project Memoria was the largest study into the security of embedded TCP/IP
stacks. These stacks are used by hundreds of IT, OT and IoT vendors. ... Read More ...30/06/202311:00 > 11:45Du driver Windows à l'EDR🇫🇷Aurélien Chalot Zone 1 - Gaston Berger conference stage De nos jours les antivirus, pour détecter les malware, reposent
principalement sur l'analyse dynamique. Pour analyser le comportement d'un malware, il
est nécessaire que les solutions d'antivirus aient le moyen d'intercepter ses actions.
Pour cela, Microsoft a ajouté au sein de l'OS Windows ce que l'on appelle des kernel
callbacks. Ces kernels callbacks sont en ... Read More ...30/06/202311:45 > 12:30LAMBDA Malware: The Hidden Threat in Excel Spreadsheets
🇬🇧Yonatan BaumDaniel Wolfman Zone 1 - Gaston Berger conference stage This lecture will discuss a new technique discovered by the Mimecast
Research Team. This technique can be used for embedding malicious scripts in Excel
documents using one of the latest Excel new features - LAMBDA, bringing new life to a
previously considered dead threat. In the lecture, it will be shown how easily the
technique ... Read
More ...30/06/202314:00 > 14:45Prototype Pollution and where to find them🇫🇷BitkSakiir Zone 1 - Gaston Berger conference stage Prototype pollution is a vulnerability in JavaScript applications that can
have varying impacts depending on the complexity and nature of the affected app. It
exploits the prototype inheritance feature of JavaScript, which allows objects to
inherit properties and methods. By manipulating the prototype chain of an object, an
attacker can introduce malicious properties, leading to ... Read More ...30/06/202314:45 > 15:30Parasitage de serveur for fun and profit🇫🇷Damien Cauquil - Virtualabs Zone 1 - Gaston Berger conference stage Les serveurs et applications web reposent sur des technologies qui peuvent
dans certains cas être détournées et utilisées à des fins non-prévues. Il est ainsi
possible de parasiter un serveur ou une application en y stockant des données sans que
ces derniers ne s'en rendent compte tout en permettant leur récupération dans un délai
plus ... Read More ...30/06/202315:30 > 16:15Metawar: The Art and Science of Conflict in the Metaverse
🇬🇧Winn Schwartau Zone 1 - Gaston Berger conference stage Reality Distortion, Dis-information Warfare, Cognitive Infrastructure
Manipulation, and Hacking Control of the Human Experience for God & Country, Power
& Profit By Winn Schwartau, the “"Civilian Architect of Information
Warfare"” (Commodore Pat Tyrrell OBE Royal Navy, 1996) and author of Information
Warfare: Chaos on the Information Superhighway A long time ago, on June 27, 1991, ...
Read More ...30/06/202316:30 > 17:15Practical Threat Hunting: Straight Facts and Substantial Impacts
🇬🇧Grifter Zone 1 - Gaston Berger conference stage A lot has been said about threat hunting, by a lot of people. They'll tell
you how difficult it is, what products you should use, how to automate the pain away,
and how you should've been doing this all along. But here's the thing...you have been
doing it all along. The concepts and techniques aren't ... Read More ...30/06/202317:15 > 18:00ZFS Raiders of the Lost File🇬🇧Nikolaos Tsapakis Zone 1 - Gaston Berger conference stage "A nice summer day I decided that I did not wish to keep my old hard drive.
Before throwing it into junk I started the format process. It was after a couple of
minutes that I realized I had not backed up an important file. Inside that file was a
poem. I jumped over the ... Read More ...30/06/202318:00 > 18:45DPAPI - Don't Put Administration Passwords In🇫🇷Thomas SeigneuretPierre-Alexandre
VANDEWOESTYNE Zone 1 - Gaston Berger conference stage La DPAPI est une API des OS Windows mise à disposition des développeurs pour
stocker facilement les secrets des utilisateurs, sans qu'ils aient à se prendre la tête
avec la partie crypto. Pour les développeurs, il suffit d'utiliser les fonctions Protect
et Unprotect pour respectivement stocker de manière sécurisé les données et accéder aux
données ... Read More
...30/06/202318:45 > 19:30Physical intrusion for fun and profit🇫🇷Anthony Boens Zone 1 - Gaston Berger conference stage Lors de missions de type intrusion physique, les auditeurs se retrouvent
face à différents blocages physiques. Le but de cette présentation a pour objectif de
démontrer que nombreux de ces dispositifs de blocage peuvent être contournés facilement
et sans entraînement. En effet, qui ne s’est jamais retrouvé face à un Digicode en
métal ? Une ... Read More ...01/07/202310:00 > 10:45Vulnerability analysis of a Bluetooth Low Energy padlock
🇫🇷Orlaine Guetsa Alexandre GoncalvesMorgan
Yaklehef Zone 1 - Gaston Berger conference stage The objective of this presentation is to analyze the security of a connected
padlock using the Bluetooth Low Energy protocol, which is widely used in the Internet of
Things (IoT). This study has been conducted in the context of a student project,
co-supervised by INSA Toulouse and EURECOM, and highlights several critical security
issues in ... Read
More ...01/07/202310:45 > 11:30Inside Black Hat: Defending One of the 'Most Hostile Networks in
the World'🇬🇧Grifter Zone 1 - Gaston Berger conference stage The network at Black Hat is like no other network in the world. On an
average network defenders spend most of their day looking for something, anything,
malicious. It's a bit like looking for a needle in a haystack. But what if the majority
of the traffic on your network is malicious? What if it's ... Read More ...01/07/202311:45 > 12:30ADDS Persistance - Un conseil, brûlez tout🇫🇷Charlie Bromberg - ShutdownVolker Carstein Zone 1 - Gaston Berger conference stage Les services de domaine Active Directory offrent un large éventail de
techniques de latéralisation et d'escalade de privilèges. Les professionnels de la
sécurité offensive éthique apprécient souvent AD-DS à cet égard. Mais qu'en est-il de la
persistance ? Nous verrons ensemble que lors de la compromission du domaine AD d'une
entreprise, il vaut probablement mieux ... Read More ...01/07/202314:00 > 14:45KeePass triggers are dead, long live KeePass triggers!
🇫🇷Julien Bedel Zone 1 - Gaston Berger conference stage Souvent utilisé pour stocker les secrets critiques du système d'information,
KeePass est une cible de choix pour les attaquants. Parmi ses nombreuses
fonctionnalités, le logiciel propose un système d’événement-action-condition permettant
l'automatisation de tâches complexes. Ce dernier fut rapidement détourné afin d'extraire
les mots de passe par simple modification d'un fichier de configuration.
Particulièrement discrète, cette ... Read
More ...01/07/202314:45 > 15:30Bot-In-The-Middle Attacks - LLM's and App Security🇬🇧Mark C Zone 1 - Gaston Berger conference stage We have seen tens of thousands of posts, blogs, articles, and more about the
threat of 'Artificial Intelligence' in the news - and the reality is that many
companies, from Microsoft and Google down to small App Dev houses and Academic
Researchers, are exploring how to integrate this technology into applications... so for
better or ... Read More
...01/07/202315:30 > 16:15Trusted Types: DOM XSS Protection at Scale🇬🇧Kian JamaliAaron Shim Zone 1 - Gaston Berger conference stage DOM XSS continues to be the most critical threat to web security. Our
current best defense against DOM XSS is Trusted Types, a browser-based runtime feature
to limit the uses of DOM APIs (and limit the possibility of DOM injection). We will
discuss our approach to using Trusted Types to protect billions of our users, ... Read More ...01/07/202316:30 > 17:15Cutting ties of a vinyl cutter🇫🇷Damien Cauquil - Virtualabs Zone 1 - Gaston Berger conference stage Cricut made a pretty bad move in March 2021 when they decided to limit the
use of their crafting machines to users who did not subscribe to a paid account. The
community rebelled and Cricut stepped back, while their PR department tried to
extinguish the bad buzz. But something has started. People are more and ... Read More ...01/07/202317:15 > 18:00Remplacer la WIN32API pour l'injection de processus🇫🇷Yoann Dequeker - OtterHacker Zone 1 - Gaston Berger conference stage Les injections de processus sont des techniques appréciées, car elles
permettent d'exécuter des charges malveillantes à l'insu des utilisateurs et des outils
de défense. Cependant, les solutions de type EDR ont fortement impacté la fiabilité de
ces techniques. Ce talk a pour but de présenter une méthode sortant des patterns
standard de l'injection de processus ... Read More
...01/07/202318:00 > 18:45How EDRs work and how to bypass them🇫🇷Processus Zone 1 - Gaston Berger conference stage I would like to speak about how Endpoint Detection and Response (EDR)
softwares work and how to defeat every protection, such as AMSI, Sysmon, DLL Hooking or
ETW. The goal of this talk is to allow a good understanding of these protections IN
FRENCH, because many presentations on this subject are only in english. I ... Read More ...01/07/202319:00 > 19:20STRANGER CASE AWARDS🇬🇧 L'Agence Stranger Case va finalement lever le voile sur l'affaire Icarus !
Pour ce grand final de l'événement OSINT organisé par l'ESNA de Bretagne, retrouvez une
collaboration exceptionnelle avec l'École de Guerre Économique ainsi que leHACK dans un
événement mêlant OSINT, HUMINT et SE; le STRANGER x HUNT ! Read More ...01/07/202319:20 > 20:05Pwned by abandonware🇫🇷Antoine Cervoise - CervoiseRomain Huon - Renik Zone 1 - Gaston Berger conference stage Have you ever wanted to play an old DOS/Windows video game on your Linux
laptop? It can be done using for example Wine or DosBox, and then downloading .EXE
abandonware from public websites. But, did you know that this good oldie could have been
quite easily backdoored, in order to get remote code execution on ... Read More ...01/07/202320:05 > 20:50Systèmes transmagnétiques : top ou bottom ?🇫🇷Alexandre Triffaut - MrJackJean-Christophe Cuniasse -
VidoQ Zone 1 - Gaston Berger conference stage Parmi les serrures mécaniques, les systèmes magnétiques sont considérés (en
général à juste titre) comme les plus sécurisés. Par design, ces sûretés sont protégées
contre les méthodes de bumpkeys, pickgun, ou encore l'impressioning. Ces serrures sont
également plus difficiles à crocheter, et leurs clés sont plus difficiles à copier. Mais
surtout, ces systèmes sont trop ... Read More ...
