Ruxcon 2008, MemCheck 0.01 release and presentation slides

I’m back from Ruxcon2008.

First up, a link to http://silvio.cesare.googlepages.com where you can find my MemCheck tool for finding out of bounds heap access in the Linux Kernel and the slides of my ruxcon presentation Security Applications for Emulation.   If you have trouble gett6ing MemCheck to build, which is highly likely since the dependancies are pretty hairy then send me an email.  I will a better package with precompiled binaries and maybe even a qemu image, and write up better docs in the future.

Now for my small roundup of Ruxcon.

I arrived in Sydney on the Friday, so with time to kill I went to UTS in the evening where it was being setup.  I am officially staff, but really I don’t do much, so basically i just loitered and practiced my presentation for the most part.

Lots of people lining up to enter in the morning, even before doors officially were opened.  It was also raining a little which was not good for those waiting.

I didn’t see all the presentations over the weekend as I was manning the staffroom for a couple hours each day.  My favourite talk was probably Netscreen of the Dead: Developing a Trojaned Firmware for Juniper Netscreen Appliances – Graeme Neilson.

I also liked other talks including Browser Rider by Ben mosse as I am pretty new to the web side of things so seeing a xss tunnel was quite suprising for me.

Neil and Steph Archibalds talk on Intelligent Web Fuzzing I thought was interesting, and was impressed that they able to instrumented quite nicely applications like php and mysql.

Daniel Hodson’s talk on Uninitialized Variables was nicely presented and well structured even though a Security Guard interrupted his talk.  For about 5 minutes I thought it was some crazy guy who just wanted to get on stage, but it turned out he had not been informed of when the lecture theatre was closing. 

kuza55’s and Stefano Di Paola’s talk mostly went over my head as it was on Attacking Rich Internet Applications, which was quite indepth on web topics.

I saw Nishad Herath’s talk on  Now you see it, now you don’t – Obfuscation ’08 style.. I guess i agree with his point of view that its essentially a back and forth between attackers and defenders, and I also agree that we need better analysis tools (and as he said, compilers have advanced at really significant rate, while binary analysis tools have had little progress).

I only saw half of Ben Hawke’s talk on Attacking the Vista Heap, as I was rostered for staff duties.  He was impressing on the crowd the important of heap vulnerabilities and giving a background on the technolog.  I think it was becomming more technical as the talk went on, but alas, I had to leave..

Paul Ducklins talk on Javascript is Harder Than you think was very entertaining.  He is a very good speaker.

GPU Powered Malware by Daniel Reynaud covered an interesting topic, and is probably something that we should keep on eye on in the future.

The police obviously see Ruxcon as a more casual affair these days as the AFP representative was wearing jeans during the panel discussion.  It was appropritate however for the occasion.

My presentation went well I think.  If you think so too, send me an email!😉

4 responses to “Ruxcon 2008, MemCheck 0.01 release and presentation slides

  1. ❤ silvio

    just a shame we were all so tired by your presentation!

  2. err, not _BY_ your presentation, by the time your presentation was on… heh

  3. Pingback: Ruxcon08 Cover Up « Indefinite Studies

  4. Hi Silvio, your presentation was definitely one of my favourite. We need more emulation-based and symbolic execution analysis tools!

    I posted a short cover-up with some pics here:
    http://indefinitestudies.wordpress.com/2008/12/05/ruxcon08-cover-up/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s