30/06/202310:00 > 10:15Kernel Panic!🇫🇷MajinbooPsychoBilly Zone 1 - Gaston Berger conference stage Phear not, take a seat, welcome to leHACK, the oldest and wildest french hacking conference. Lire plus30/06/202310:15 > 11:00Project Memoria and OT:ICEFALL : Finding and Exploiting Vulnerabilities in OT networks🇫🇷Simon Guiot Zone 1 - Gaston Berger conference stage In this talk, we will discuss two large vulnerability research projects we did in the past few years and how they come together in the form of sophisticated OT/ICS attacks. Project Memoria was the largest study into the security of embedded TCP/IP stacks. These stacks are used by hundreds of IT, OT and IoT vendors. ... Lire plus30/06/202311:00 > 11:45Du driver Windows à l'EDR🇫🇷Aurélien Chalot Zone 1 - Gaston Berger conference stage De nos jours les antivirus, pour détecter les malware, reposent principalement sur l'analyse dynamique. Pour analyser le comportement d'un malware, il est nécessaire que les solutions d'antivirus aient le moyen d'intercepter ses actions. Pour cela, Microsoft a ajouté au sein de l'OS Windows ce que l'on appelle des kernel callbacks. Ces kernels callbacks sont en ... Lire plus30/06/202311:45 > 12:30LAMBDA Malware: The Hidden Threat in Excel Spreadsheets🇬🇧Yonatan BaumDaniel Wolfman Zone 1 - Gaston Berger conference stage This lecture will discuss a new technique discovered by the Mimecast Research Team. This technique can be used for embedding malicious scripts in Excel documents using one of the latest Excel new features - LAMBDA, bringing new life to a previously considered dead threat. In the lecture, it will be shown how easily the technique ... Lire plus30/06/202314:00 > 14:45Prototype Pollution and where to find them🇫🇷BitkSakiir Zone 1 - Gaston Berger conference stage Prototype pollution is a vulnerability in JavaScript applications that can have varying impacts depending on the complexity and nature of the affected app. It exploits the prototype inheritance feature of JavaScript, which allows objects to inherit properties and methods. By manipulating the prototype chain of an object, an attacker can introduce malicious properties, leading to ... Lire plus30/06/202314:45 > 15:30Parasitage de serveur for fun and profit🇫🇷Damien Cauquil - Virtualabs Zone 1 - Gaston Berger conference stage Les serveurs et applications web reposent sur des technologies qui peuvent dans certains cas être détournées et utilisées à des fins non-prévues. Il est ainsi possible de parasiter un serveur ou une application en y stockant des données sans que ces derniers ne s'en rendent compte tout en permettant leur récupération dans un délai plus ... Lire plus30/06/202315:30 > 16:15Metawar: The Art and Science of Conflict in the Metaverse🇬🇧Winn Schwartau Zone 1 - Gaston Berger conference stage Reality Distortion, Dis-information Warfare, Cognitive Infrastructure Manipulation, and Hacking Control of the Human Experience for God & Country, Power & Profit By Winn Schwartau, the “"Civilian Architect of Information Warfare"” (Commodore Pat Tyrrell OBE Royal Navy, 1996) and author of Information Warfare: Chaos on the Information Superhighway A long time ago, on June 27, 1991, ... Lire plus30/06/202316:30 > 17:15Practical Threat Hunting: Straight Facts and Substantial Impacts🇬🇧Grifter Zone 1 - Gaston Berger conference stage A lot has been said about threat hunting, by a lot of people. They'll tell you how difficult it is, what products you should use, how to automate the pain away, and how you should've been doing this all along. But here's the thing...you have been doing it all along. The concepts and techniques aren't ... Lire plus30/06/202317:15 > 18:00ZFS Raiders of the Lost File🇬🇧Nikolaos Tsapakis Zone 1 - Gaston Berger conference stage "A nice summer day I decided that I did not wish to keep my old hard drive. Before throwing it into junk I started the format process. It was after a couple of minutes that I realized I had not backed up an important file. Inside that file was a poem. I jumped over the ... Lire plus30/06/202318:00 > 18:45DPAPI - Don't Put Administration Passwords In🇫🇷Thomas SeigneuretPierre-Alexandre VANDEWOESTYNE Zone 1 - Gaston Berger conference stage La DPAPI est une API des OS Windows mise à disposition des développeurs pour stocker facilement les secrets des utilisateurs, sans qu'ils aient à se prendre la tête avec la partie crypto. Pour les développeurs, il suffit d'utiliser les fonctions Protect et Unprotect pour respectivement stocker de manière sécurisé les données et accéder aux données ... Lire plus30/06/202318:45 > 19:30Physical intrusion for fun and profit🇫🇷Anthony Boens Zone 1 - Gaston Berger conference stage Lors de missions de type intrusion physique, les auditeurs se retrouvent face à différents blocages physiques. Le but de cette présentation a pour objectif de démontrer que nombreux de ces dispositifs de blocage peuvent être contournés facilement et sans entraînement. En effet, qui ne s’est jamais retrouvé face à un Digicode en métal ? Une ... Lire plus01/07/202310:00 > 10:45Vulnerability analysis of a Bluetooth Low Energy padlock🇫🇷Orlaine Guetsa Alexandre GoncalvesMorgan Yaklehef Zone 1 - Gaston Berger conference stage The objective of this presentation is to analyze the security of a connected padlock using the Bluetooth Low Energy protocol, which is widely used in the Internet of Things (IoT). This study has been conducted in the context of a student project, co-supervised by INSA Toulouse and EURECOM, and highlights several critical security issues in ... Lire plus01/07/202310:45 > 11:30Inside Black Hat: Defending One of the 'Most Hostile Networks in the World'🇬🇧Grifter Zone 1 - Gaston Berger conference stage The network at Black Hat is like no other network in the world. On an average network defenders spend most of their day looking for something, anything, malicious. It's a bit like looking for a needle in a haystack. But what if the majority of the traffic on your network is malicious? What if it's ... Lire plus01/07/202311:45 > 12:30ADDS Persistance - Un conseil, brûlez tout🇫🇷Charlie Bromberg - ShutdownVolker Carstein Zone 1 - Gaston Berger conference stage Les services de domaine Active Directory offrent un large éventail de techniques de latéralisation et d'escalade de privilèges. Les professionnels de la sécurité offensive éthique apprécient souvent AD-DS à cet égard. Mais qu'en est-il de la persistance ? Nous verrons ensemble que lors de la compromission du domaine AD d'une entreprise, il vaut probablement mieux ... Lire plus01/07/202314:00 > 14:45KeePass triggers are dead, long live KeePass triggers!🇫🇷Julien Bedel Zone 1 - Gaston Berger conference stage Souvent utilisé pour stocker les secrets critiques du système d'information, KeePass est une cible de choix pour les attaquants. Parmi ses nombreuses fonctionnalités, le logiciel propose un système d’événement-action-condition permettant l'automatisation de tâches complexes. Ce dernier fut rapidement détourné afin d'extraire les mots de passe par simple modification d'un fichier de configuration. Particulièrement discrète, cette ... Lire plus01/07/202314:45 > 15:30Bot-In-The-Middle Attacks - LLM's and App Security🇬🇧Mark C Zone 1 - Gaston Berger conference stage We have seen tens of thousands of posts, blogs, articles, and more about the threat of 'Artificial Intelligence' in the news - and the reality is that many companies, from Microsoft and Google down to small App Dev houses and Academic Researchers, are exploring how to integrate this technology into applications... so for better or ... Lire plus01/07/202315:30 > 16:15Trusted Types: DOM XSS Protection at Scale🇬🇧Kian JamaliAaron Shim Zone 1 - Gaston Berger conference stage DOM XSS continues to be the most critical threat to web security. Our current best defense against DOM XSS is Trusted Types, a browser-based runtime feature to limit the uses of DOM APIs (and limit the possibility of DOM injection). We will discuss our approach to using Trusted Types to protect billions of our users, ... Lire plus01/07/202316:30 > 17:15Cutting ties of a vinyl cutter🇫🇷Damien Cauquil - Virtualabs Zone 1 - Gaston Berger conference stage Cricut made a pretty bad move in March 2021 when they decided to limit the use of their crafting machines to users who did not subscribe to a paid account. The community rebelled and Cricut stepped back, while their PR department tried to extinguish the bad buzz. But something has started. People are more and ... Lire plus01/07/202317:15 > 18:00Remplacer la WIN32API pour l'injection de processus🇫🇷Yoann Dequeker - OtterHacker Zone 1 - Gaston Berger conference stage Les injections de processus sont des techniques appréciées, car elles permettent d'exécuter des charges malveillantes à l'insu des utilisateurs et des outils de défense. Cependant, les solutions de type EDR ont fortement impacté la fiabilité de ces techniques. Ce talk a pour but de présenter une méthode sortant des patterns standard de l'injection de processus ... Lire plus01/07/202318:00 > 18:45How EDRs work and how to bypass them🇫🇷Processus Zone 1 - Gaston Berger conference stage I would like to speak about how Endpoint Detection and Response (EDR) softwares work and how to defeat every protection, such as AMSI, Sysmon, DLL Hooking or ETW. The goal of this talk is to allow a good understanding of these protections IN FRENCH, because many presentations on this subject are only in english. I ... Lire plus01/07/202319:00 > 19:20STRANGER CASE AWARDS🇬🇧 L'Agence Stranger Case va finalement lever le voile sur l'affaire Icarus ! Pour ce grand final de l'événement OSINT organisé par l'ESNA de Bretagne, retrouvez une collaboration exceptionnelle avec l'École de Guerre Économique ainsi que leHACK dans un événement mêlant OSINT, HUMINT et SE; le STRANGER x HUNT ! Lire plus01/07/202319:20 > 20:05Pwned by abandonware🇫🇷Antoine Cervoise - CervoiseRomain Huon - Renik Zone 1 - Gaston Berger conference stage Have you ever wanted to play an old DOS/Windows video game on your Linux laptop? It can be done using for example Wine or DosBox, and then downloading .EXE abandonware from public websites. But, did you know that this good oldie could have been quite easily backdoored, in order to get remote code execution on ... Lire plus01/07/202320:05 > 20:50Systèmes transmagnétiques : top ou bottom ?🇫🇷Alexandre Triffaut - MrJackJean-Christophe Cuniasse - VidoQ Zone 1 - Gaston Berger conference stage Parmi les serrures mécaniques, les systèmes magnétiques sont considérés (en général à juste titre) comme les plus sécurisés. Par design, ces sûretés sont protégées contre les méthodes de bumpkeys, pickgun, ou encore l'impressioning. Ces serrures sont également plus difficiles à crocheter, et leurs clés sont plus difficiles à copier. Mais surtout, ces systèmes sont trop ... Lire plus
