HACKER PARTY

Yep, it's that time of the year again! Much fun is to be had at BSides Odessa HACKER PARTY 2018!

In 2017, BSides Odessa hosted 60 cyber-sec pros at a huge 5 story-tall mansion near the Black Sea, with an underground cinema serving as a conference hall.

But we can do better. So, this year, we've rented a house right on the beach, with a big swimming pool and a heated jacuzzi serving as the first row seating for you to enjoy our speakers' talks. Seating is limited - first come, first serve.

If you're only coming for the talks, you've missed the point.

As last year, the Party will run for 24 hours non-stop - between noon of Saturday, July 7th and noon of Sunday, July 8th.

BSides Odessa is expected to host around 50 1337 hax00rz, making it small, warm and cosy for you introverts out there.

Our registration CTF ensures no random people are in attendance.

Entrance is free, conditional on your registration CTF progress. Registration process is anonymous and provides access to the event's address, as well as to the CTF.

BSides Odessa is a non-profit, informal, community event where attendees can meet old and make new friends, exchange and broaden their knowledge, all based on a common passion - computer security.

As always, in an attempt to neutralize the gender imbalance in cyber-security field, entrance for women is free and unobstructed. For the event's address, please write us at [email protected]

Speakers

  • Max Max Double penetrating iOS boot process
    (remote)

    Ever wanted to sideload your own firmware onto an Apple hand-held device?
    Oh you lucky bastard, your wet dreams are about to cum true!

    We'll pick apart the entire boot sequence and chain of trust in detail, and use this knowledge to discuss how to create and load a custom firmware, kernel, and disk image alongside the original one.

    Max is a Staff Security Researcher at Lookout with more than 10 years of experience in mobile security, penetration testing, and reverse engineering of mobile/desktop applications and protocols.

  • Dima Dima iOS reverse engineering explained so even YOU can do it
    In this talk we'll discuss and demonstrate practical iOS reverse engineering and patching, "for dummies"-style. We'll cover the tools and show how to use them on an example iOS app, including debugging, disassembling, analyzing and patching it to do our bidding.

    Dima is a freelance security researcher with over 20 years of experience in reverse engineering of applications and network protocols. As of late, he reverse engineers mobile applications and system components (Android/iOS), analyses Android malware, and successfully finds vulnerabilities in both iOS apps and the iOS itself.
  • Alex Alex Exploiting mobile carriers and ISPs
    This presentation is a review of modern and effective methods of attacks on banks and mobile operators. Various methods of attacks will be discussed: classical (like bruteforce with new tricks and targets), attacks on banks' and mobile operators' IVR (including phone support) and some uncommon methods, like attacks on a user's device in mobile network and phone numbers recycling attack.

    All information will be shown with practical cases and (if demo-gods are kind to us) real-time demonstrations.

    Alex is an independent security researcher and IT-security consultant. He's interested in banking, telecom security, and various types of uncommon and rare attacks.
  • Agent Smith Agent Smith Bypassing DPI for fun and no profit
    It is a dark time for the Rebellion. Although the Death Star has been destroyed, the 6688 evil Imperial DPI troops have driven the Rebel forces from their hidden base and pursued them across the galaxy...

    Agent Smith has got 20+ years of experience in low level programming, contributing code to Linux and OpenBSD as a pastime activity. He's interested in security and works with high availability and high loaded web services.
  • Brian Brian Technical breakdown of Turla APT tools and methods
    Turla is a well-known Russian advanced persistent threat (APT) group know for targeting government, military, technology, energy and commercial organizations since 2007. Although Turla is well known for their custom malware rootkits, recently the group has shifted tactics by implementing more generic tools.

    In this presentation we aim to detail the history of Turla, present their tactics and procedures and to give further insights into their new tool named Mosquito.

    Brian has been working in the information security space for over 15 years. He is formally a U.S Department of State and FBI contractor who's now working on his cyber security company Hexcapes LLC. Brian focuses on malware analysis while independently researching cyber security threats.
  • Taras Taras GNU Radio practice for fun and profit
    In this talk & workshop we'll play with gnuradio and detail how cheap, readily available hardware can be used to intercept radio transmissions.
    For a practical example, we'll generate some sines to test our headphones and hearing, build a voice scrambler and an FM receiver, intercept and reconstruct signals from a civilian walkie-talkie, and play with GPS.

    For the workshop, you'll need:
    - a laptop with GNU Radio installed (can be VM but check that USB ports work)
    - headphones (any)
    - 10$ DVB-T USB Dongle (RTL2832U + R820T)

    Taras is an experienced programmer, who's been following cyber-sec for over 15 years. As a hobbie, he hunts bug bounties and enjoys playing with electronics.
  • Alexander Alexander 7 Ways to Get Your Files Encrypted by Ransomware Back
    In the talk, we will discuss different ways how to get your files back after ransomware infection. The focus of the presentation will be on the advanced techniques such as reverse engineering and ransomware patching supplemented with live demos.

    Alexander is the founder and CEO of NioGuard Security Lab with 10+ years experience in malware analysis. As a teacher, he gives the Advanced Malware Analysis course in Ukrainian and EU universities. Alexander has worked for Kaspersky Lab, Lavasoft, Samsung, and Mirantis and spoken at various security conferences such as Virus Bulletin, Virus Analysts Summit, OpenStack Summit, OWASP, HackIT, and BSides.
  • Alex Alex Lock-picking theory A to Z
    This talk will go in-depth on lock-picking theory, covering various types of locks, attacks on them, defences they sometimes implement and how to bypass them, tools used and what characteristics to look for when shopping for the best ones.

    Lock-picking villages are common, but we've noticed a significant lack of theoretical knowledge impeding practical learning, which this talk tries to address. Naturally, you'll be able to practice the obtained knowledge in our lock-picking village.

    Alex is a network engineer with a keen interest in lock-picking, and a wide variety of tools and locks on hand.
  • TBA TBA TBA
    Some talks are still waiting to be approved. If you'd like to speak at our party, email your ideas to cfp-od at our domain securitybsides.org.ua
  • %username% %username% Lightning talks: 5-10 minutes long
    This section is open to every attendee and does not require preparation.

    Share something interesting, fun, success or failure stories you've had, to get an exclusive 1337 t-shirt! No reprints! Talks too short for a 1-hour slot that are still worth telling are welcome here!

CTF




Hello, tovarishch mayor. If you'd like to join the party, here's were to find us.



Donations

Fuck sponsored content and booths.

Nevertheless, organizing a quality event costs like an ICO MVP outsourced to Ukraine. If you'd like to support non-profit events of the Ukrainian Security Community, please follow here and get your awesome "thank you" t-shirt!

Organizers

  • SoftSeq

© Odessa 2018