logo
nav_contact contact venue schedule


niemeyer-2012



"Chaque fois que je mets les pieds dans ce type de conférence, je suis impressionné par la somme considérable de compétences qui y sont réunies, et si je multiplie ce volume de compétences par les quarante et quelques années d'activité qui attendent ces très jeunes chercheurs et ingénieurs, je me dis que l'avenir de notre société est là, que c'est la nouvelle élite du pays, ou des pays, puisqu'en l'occurrence cette conférence est internationale. L'ENA et le Corps des Ponts sont déjà morts et enterrés, mais ils ne le savent pas encore."


Laurent Bloch, Security Expert & Senior Writer

Share0



POUR TOUTE QUESTION A PROPOS DE L'EVENEMENT contact@nosuchcon.org
POUR ETRE SPONSOR sponsors@nosuchcon.org
POUR SOUMETTRE VOTRE PAPIER cfp@nosuchcon.org
POUR TOUTE QUESTION PRESSE OU MEDIA vloquet@alx-communication.com




POUR TOUTE QUESTION A PROPOS DU CHALLENGE challenge@nosuchcon.org
POUR TOUTE QUESTION A PROPOS DU CTF ctf@nosuchcon.org




POUR TOUTE QUESTION A PROPOS DU SITE WEB webmaster@nosuchcon.org



GPG

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFREzLUBCAC40ypCP3HbFvQm0kQWBMsHceWpJtKWrGc4R5mtnDYpB0vATd4O
FicyJsFugXq8e/EIjQlJR3RPfheK2RDi40zu36v/hAqmAkRGdgyKLDbyFzaY2tAr
4ONJ+/hzuYTAmC4cGnm9Lr+WpzuuG/078ODts/5JFxdroWeW9IbYxhiVfuqeIPY2
RLWUQZmlm8ylc4ZaE/Mdwq81EMtZbhl7Av9EvonALkuuiIenozplhT37fQoR4YyS
1qHlBm8yauiX4jBY0Ad61SucFiboHm0IRazelncThpCKXS760ia6A42qIhKySUVP
U+f5WnRsgYWRGEkFcTi+fKiWXe7Yfo71keg/ABEBAAG0T05vU3VjaENvbiAyMDE0
IChVc2UgdGhpcyBrZXkgZm9yIDIwMTQgZWRpdGlvbiBvZiBOb1N1Y2hDb24pIDxj
ZnBAbm9zdWNoY29uLm9yZz6JATgEEwECACIFAlREzLUCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJENIzASpuOIbUqSAIAIO3ZVfZfXP/bZgVPLW+tDwrCcIT
HyYoKJ93iujl5Kn4JE+iVzCJ0yMbVQUroc4bovN1XXE+Z5lrOMwPdvOF7cmpdxgZ
LSRMKzVDEeZjPMmcMs9w/vViIFfAjkCvpBDH8UYd/SgWhxmKjB5hp2SHVijUirGl
yXxrPkvxlTrkKcHA2EsRYLrCzbahkPdYpIP7GI4m6+RrXpB5AMm//bUf1gHwaL3z
CnpZ6bWZhjowis3hKNeoy4x+LTK6OGFAL9u7QrIg30wuf8nusSmytSzxD5I6yKAV
rcF3H3srelw1Up2bVVFlSBg5TlbzTWdV0DaZAVfobWesVdt7pBwbtAXhife5AQ0E
VETMtQEIANdN1gbE0jZDc1Q3YFkJsRk5/VtPH13G2771Q1yOx2aFLXsqhtEEUs0m
sQMOQWHoS5WUJf33O2wZ/s6fu4hlSmJmtD+mUEShx2KppDVC2b+x65q64+IsLzlu
nGYnWYFlYN2HXkf+y3oHmCiPizHppRyk2+yMHgjBybQxMJHcK29rw/X019AWN/if
arPd0HdJhYB4gJAJ41KO9sCZR7OEeAJDA4kI3qt4lcKwqJMbryEqgjxcFZCOKFEi
nPFkpPu/2XcoL7Ls3ldPfhXgijXlIrFtFNL9PNLT+sJUgZYHJXLl6FKCNB/KgDEo
ov9kB0cisn1AkEAwYRlmiveh72SDghkAEQEAAYkBHwQYAQIACQUCVETMtQIbDAAK
CRDSMwEqbjiG1Mw9B/9MowQFqf8CSovVGSwqk2Os4grdiFndjoDjqwVf46WojUYV
pvRqZoHA4tPxKJ76F9w24A5dYVeYpMXQwUoR4G5zjy4J7qd+0Dcl20LBHzk6Pw0p
6tyX7Mp2irL4i8CS7D1hUVbntIRJ2v2RRXCO/qdFBv+kIcOU1yyXsqjz1hYCH69l
C3HFXYoQOd9DV9MusYydtPt5880dwYxf/qMNZFjnio1nS5ADWAt28PmyCMLA5AwZ
rusyd9LaOBA9zZQcIT4K06tjO9boUbP++0efmARSxSPQKt94SWv3GrxUEoQJw81q
NXtAA7fFtMh0dZSlPgIroud8kV20EIkGh2HBDk4n
=XUt1
-----END PGP PUBLIC KEY BLOCK-----
				






venue_flag_1

ESPACE OSCAR NIEMEYER
2 PLACE COLONEL FABIEN
75019 PARIS, FRANCE
01 40 40 12 12
METRO 2 COLONEL FABIEN



venue_flag_h1
HIPOTEL PARIS BELLEVILLE
21 Rue Vicq d’Azir,
75010 Paris, France
+33 1 42 08 06 70
www.hipotel.fr

venue_flag_h2
HÔTEL IBIS
12 Rue Louis Blanc,
75010 Paris, France
+33 1 42 08 21 40 (fax)
www.accorhotels.com

venue_flag_h3
LIBERTEL CANAL SAINT MARTIN
5 Avenue Secrétan,
75019 Paris, France
+33 1 42 06 62 00
www.hotel-canal-saint-martin.com

venue_flag_h4
BUTTES CHAUMONT HOTEL PARIS
4 Avenue Secrétan,
75019 Paris, France
+33 1 42 45 33 81 ‎
www.hipohotel.fr

venue_flag_h5
CAMPANILE
232 Rue du Faubourg Saint-Martin,
75010 Paris, France
+33 1 40 34 38 50 (Fax) ‎
www.campanile-paris-gare-du-nord.fr

NoSuchCon est une conférence sur 3 jours, organisée par des bénévoles regroupés dans une association “loi 1901”.

Ce projet a été initié par des membres éminents de la “cybercommunauté”, habitués des conférences de sécurité informatique internationales, et précédemment organisateurs de la conférence Hackito Ergo Sum. Chaque membre de l’association est impliqué à des degrés divers dans des projets variés de la “cybercommunauté” internationale. L’équipe organisatrice est mûe par l’ambition de regrouper les meilleurs chercheurs en sécurité informatique, afin de favoriser les échanges et le partage des connaissances, in fine d’accroitre le niveau technique de la communauté dans son ensemble.

NoSuchCon présente des contenus nouveaux et originaux dans le domaine de la sécurité informatique. La conférence est un lieu d’attraction pour les professionnels de tout bord: professionnels, passionés, hackers ; certains renommés, d’autres plus discrets. La conférence permet à tous de se rencontrer, afin de faire émerger de nouvelles tendances et de nouvelles pistes de recherche, anticipant sur les défis à venir.

NoSuchCon est à la fois le lieu des notables de la “cybercommunauté” tout comme celui des jeunes talents à l’aube d’une carrière prometteuse, ou ceux qui souhaitent au contraire rester dans l’anonymat. NoSuchCon poursuit plusieurs objectifs, mais s’efforce en premier lieu de favoriser les échanges et de fédérer différentes communautés: étudiants, acteurs industriels de premier plan, secteur public. De la place est accordée aussi bien aux démonstrations pratiques qu’aux recherches théoriques innovantes.

Parmi les thèmes abordés: recherche et exploitation de vulnérabilités, architectures SCADA, reverse engineering, attaques sur les infrastructures critiques, sécurité du Cloud Computing, botnets, veille et analyse des menaces, etc.

Le comité de programme se compose de hackers et de chercheurs en sécurité informatique les plus réputés internationalement, aussi bien du monde académique que du monde industriel, afin d’assurer la qualité du contenu présenté. Il s’agit d’un comité unique par sa diversité. Enjambant les frontières géographiques et les chapelles habituelles, surmontant les divergences idéologiques et économiques, le comité de programme s’intéresse aux talents partout où ils se trouvent.


CO-FOUNDERS

Joffrey Czarny



Joffrey Czarny (Sn0rky)
Security researcher, VoIP hacker, Ambassador of Happiness and Healthy Living



Renaud Bidou



Renaud Bidou
No comment



Cedric Blancher



Cedric Blancher (Sid)
Researcher, serial-speaker, snowboarder and skydiver

"Sid" Blancher, the first president of NSA (No Such Association) who left us in November 2013. The ISS community misses him very much. Surely enough, he will be with the rest of us to make NSC 2014 an amazing experience.



Jonathan Brossard



Jonathan Brossard (Endrazine)
Elite computer terrorist. Old school reverse engineer. Speaker at Blackhat/CCC/Defcon.



Veronique Loquet



Veronique Loquet
Relationista behind the scenes, involved in some hackers communities around the planet with an historic focus on open source and security areas.



Arnaud Malard



Arnaud Malard (Sud0man)
Pentester, researcher (when I have time), skier, snowboarder and father of 2 tiny hackers.



Nicolas Massaviol



Nicolas Massaviol
The flying security guy



Nicolas Ruff



Nicolas Ruff (Newsoft)
Security researcher, hacker, blogger, serial speaker, troll herder, happy father, and more ...



Sébastien Rummelhardt



Sébastien Rummelhardt
Assistant deputy director, Propaganda Department (Propdep) -- Ministry of Truth, Bullshistan.




Matt Suiche



Matt Suiche
Well known for his technical contributions to the law-enforcement community for the Windows hibernation file, Windows physical memory acquisition and Mac OS X Physical Memory Analysis. Speaker at PacSec, BlackHat USA, EUROPOL High Tech Crime Meeting, Shakacon...







PARTICIPATION OF

Stephane Avi



Stéphane Avi
Pentester and more ...

Valerie Micaux



Valérie Micaux (athoms)
Graphic designer at home, happy girl and snowboarder






CHALLENGES


synacktiv







GPG

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFREzLUBCAC40ypCP3HbFvQm0kQWBMsHceWpJtKWrGc4R5mtnDYpB0vATd4O
FicyJsFugXq8e/EIjQlJR3RPfheK2RDi40zu36v/hAqmAkRGdgyKLDbyFzaY2tAr
4ONJ+/hzuYTAmC4cGnm9Lr+WpzuuG/078ODts/5JFxdroWeW9IbYxhiVfuqeIPY2
RLWUQZmlm8ylc4ZaE/Mdwq81EMtZbhl7Av9EvonALkuuiIenozplhT37fQoR4YyS
1qHlBm8yauiX4jBY0Ad61SucFiboHm0IRazelncThpCKXS760ia6A42qIhKySUVP
U+f5WnRsgYWRGEkFcTi+fKiWXe7Yfo71keg/ABEBAAG0T05vU3VjaENvbiAyMDE0
IChVc2UgdGhpcyBrZXkgZm9yIDIwMTQgZWRpdGlvbiBvZiBOb1N1Y2hDb24pIDxj
ZnBAbm9zdWNoY29uLm9yZz6JATgEEwECACIFAlREzLUCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJENIzASpuOIbUqSAIAIO3ZVfZfXP/bZgVPLW+tDwrCcIT
HyYoKJ93iujl5Kn4JE+iVzCJ0yMbVQUroc4bovN1XXE+Z5lrOMwPdvOF7cmpdxgZ
LSRMKzVDEeZjPMmcMs9w/vViIFfAjkCvpBDH8UYd/SgWhxmKjB5hp2SHVijUirGl
yXxrPkvxlTrkKcHA2EsRYLrCzbahkPdYpIP7GI4m6+RrXpB5AMm//bUf1gHwaL3z
CnpZ6bWZhjowis3hKNeoy4x+LTK6OGFAL9u7QrIg30wuf8nusSmytSzxD5I6yKAV
rcF3H3srelw1Up2bVVFlSBg5TlbzTWdV0DaZAVfobWesVdt7pBwbtAXhife5AQ0E
VETMtQEIANdN1gbE0jZDc1Q3YFkJsRk5/VtPH13G2771Q1yOx2aFLXsqhtEEUs0m
sQMOQWHoS5WUJf33O2wZ/s6fu4hlSmJmtD+mUEShx2KppDVC2b+x65q64+IsLzlu
nGYnWYFlYN2HXkf+y3oHmCiPizHppRyk2+yMHgjBybQxMJHcK29rw/X019AWN/if
arPd0HdJhYB4gJAJ41KO9sCZR7OEeAJDA4kI3qt4lcKwqJMbryEqgjxcFZCOKFEi
nPFkpPu/2XcoL7Ls3ldPfhXgijXlIrFtFNL9PNLT+sJUgZYHJXLl6FKCNB/KgDEo
ov9kB0cisn1AkEAwYRlmiveh72SDghkAEQEAAYkBHwQYAQIACQUCVETMtQIbDAAK
CRDSMwEqbjiG1Mw9B/9MowQFqf8CSovVGSwqk2Os4grdiFndjoDjqwVf46WojUYV
pvRqZoHA4tPxKJ76F9w24A5dYVeYpMXQwUoR4G5zjy4J7qd+0Dcl20LBHzk6Pw0p
6tyX7Mp2irL4i8CS7D1hUVbntIRJ2v2RRXCO/qdFBv+kIcOU1yyXsqjz1hYCH69l
C3HFXYoQOd9DV9MusYydtPt5880dwYxf/qMNZFjnio1nS5ADWAt28PmyCMLA5AwZ
rusyd9LaOBA9zZQcIT4K06tjO9boUbP++0efmARSxSPQKt94SWv3GrxUEoQJw81q
NXtAA7fFtMh0dZSlPgIroud8kV20EIkGh2HBDk4n
=XUt1
-----END PGP PUBLIC KEY BLOCK-----
				






VERSION PRECEDENTE




Andrea Allievi - Understanding and defeating Windows 8.1 Patch Protections: it’s all about gong fu! (part 2)

Andrea Allievi

Andrea Allievi is an Italian computer security researcher with over 6 years experience. He graduated in 2010 from University Milano Bicocca with a Bachelor’s degree in Computer Science. For his thesis, he developed a Master Boot Record (MBR) Bootkit entirely in 64 bit capable of defeating some Windows 7 protections. He is also the original designer of the first UEFI Bootkit. Andrea specialized in operating systems internals, from kernel level code all the way to user-land code.

He has completed a lot of security-related researches, ranging from all kind of Malware (especially Kernel-mode rootkit) to the analysis of particular Operating systems security features (like Windows 8 AppContainers for example).

Andrea works as a Security Researcher in the Talos Security Research and Intelligence Group at Cisco Systems Inc.



Jean-Philippe Aumasson - Cryptographic Backdooring

Jean-Philippe Aumasson

We describe the different classes of cryptographic backdoors, which depend on where sabotage occurs in the cryptographic supply-chain. We characterize and categorize backdoors, in terms of discoverability, detectability, and exploitability, and propose semi-formal definitions in order to encourage a more rigorous study of malicious cryptography.

Several examples are discussed, from straightforward coding backdoors to Dual_EC or the recent sabotaged SHA-1 instances.

Jean-Philippe (JP) Aumasson is Principal Cryptographer at Kudelski Security, in Switzerland. He is known for designing the cryptographic functions BLAKE, BLAKE2, SipHash, and NORX. He has spoken at conferences such as Black Hat and CCC, and initiated the Crypto Coding Standard and the Password Hashing Competition projects. He is member of the technical advisory board of the Open Crypto Audit Project. JP tweets as @veorq.



Andrea Barisani - Forging the USB armory

Andrea Barisani

Inverse Path recently introduced the USB armory project, an open source hardware design, implementing a flash drive sized computer for securityapplications. The USB armory is a compact USB powered device that provides a platform for developing and running a variety of applications.

The security features of the USB armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.

The presentation will cover the journey that we have taken to develop the USB armory board from scratch, explaining the lessons learned and its prospected applications.

Andrea Barisani is an internationally known security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors and exploring what makes things tick...and break.

His experiences focus on large-scale infrastructure administration and defense, forensic analysis, penetration testing and software development, with more than 13 years of professional experience in security consulting.

Being an active member of the international Open Source and security community he contributed to several projects, books and open standards. He is now the founder and coordinator of the oCERT effort, the Open Source Computer Security Incident Response Team.

He has been a speaker and trainer at BlackHat, CanSecWest, DEFCON, Hack In The Box, PacSec conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, OS hardening and many other topics.



Anthony Zboralski - No Such Security

Anthony Zboralski

Anthony Zboralski is a computer hacker who has worked as a security expert for nearly 20 years. He has experience performing penetration tests, security assessments and related services for industries areas ranging from manufacturing through telecommunications and banking to government. Some of his activity as a teen was recorded by security expert and technologist Bruce Schneier: “In 1994, a French hacker named Anthony Zboralski called the FBI office in Washington, pretending to be an FBI representative working at the U.S. embassy in Paris. He persuaded the person at the other end of the phone to explain how to connect to the FBI’s phone conferencing system.

Since then Zboralski has turned his attention to information security. He has assisted numerous governments and dozens of Fortune 500 companies to help test the security of systems and highlight their vulnerabilities. He is now founder and CEO of Belua, an experimental search engine dubbed “the anti-google project



Nicolas Collignon - Google Apps Engine security

Nicolas Collignon

Based on a feedback from multiple penetration tests and codes reviews, this talk answer practical questions concerning GAE: How secure is the Google GAE infrastructure? How Google protects your applications? How a GAE application hosted in Google datacenters may affect the security of your internal network?

This talk is not about theory or trolling on “is-cloud-good-or-wrong”, but will present real-world attacks, including arbitrary code execution to escape the Python sandbox in the Google datacenters and exploration of the GAE platform outside of the Python sandbox.

Nicolas Collignon has been auditing and pentesting information systems for more than 9 years. He’s the author of several publications such as “Playing with Windows /dev/(k)mem”, “Tunneling TCP over RDP: rdp2tcp”, “Shell over DTMF”, “VMware and virtualization security” or “JSF ViewStates upside-down”. He is currently leading the penetration testing team at Synacktiv. For the last 2 years, he has spent a considerable amount of time hacking Android operating system and Google services.



Benjamin Delpy - Mimikatz

Benjamin Delpy



Benjamin Delpy, is a security researcher know as 'gentilkiwi'. Presented at Black Hat, Defcon, PHDays, BlueHat, and more. Security enthusiast, he publishes tools and articles in order to speak about product weaknesses and to prove some of his ideas. Mimikatz was his first software that reached an international audience. It is now recognized as a Windows security audit tool - http://blog.gentilkiwi.com/mimikatz



Sebastien Dudek - HomePlugAV PLC: practical attacks and...

Sebastien Dudek

Domestic Power-line Communication (PLC) devices are used to extend a LAN network as well as WiFi does, but using the power-line support. Even if PLC have a bad reputation because of few aspects in the past (bad security, bad speed, not stable because of perturbations, ...), this technology grown up and offers a better connection, more stable with an encrypted conversation between two PLC devices. Someone who wants to extend his private network easily without additional wires, or without spending a 'fortune' on wireless repeaters, will use PLCs. Moreover, Internet Service Providers in France usually provide a HomePlugAV embedded in the power supply of their routers and set-top-boxes. As HomePlugAV is implemented on a lot of devices, we were interested to study their security, and their weaknesses.

In this talk, we will see how PLC work with a detailed network analysis. Then we will discover few practical attacks to penetrate, and backdoor a private LAN.

Sébastien Dudek is a security researcher at Sogeti ESEC R&D labs. His main fields of interest are radio communication technologies (GSM, GPRS, RFID, Wi-Fi, POCSAG, DECT...), but also other areas like software, web, and network security.

He has been a speaker at Hack.lu 2012 speaking about GSM protocol stack fuzzing and his fuzzing environment. Interested in application security, particularly on Linux, he has also contributed for the french magazine MISC #62 on current Linux mitigations, and possible ways to bypass them.



Georgi Geshev - Your Q is my Q

Georgi Geshev

Message Queueing concepts are well established in enterprise environments which are already known to be fairly insecure. Now that the Internet of Things is gaining momentum, MQ is also the lightweight mechanism of choice for communicating with your fridge and toaster. We discovered a series of vulnerabilities in several widely adopted MQ implementations that would allow an adversary to cause a mass disruption in your corporate network or maybe pull off the shadow file from your neighbours' microwave. General MQ concepts will be briefly introduced to the audience, followed by a short attack surface walk-through and quick review of the common vulnerabilities and typical misconfigurations and ways to identify and leverage them for fun or profit.

Georgi is a security researcher for MWR InfoSecurity in the UK. Prior moving to the UK, he worked in Australia where he was mostly drinking golden ales and fighting with kangaroos. He was at some point of his life involved with a couple of local chapters of OWASP. His main areas of interest include bug hunting, reverse engineering and cryptography.



Ezequiel Gutesman - Blended Web and Database Attacks on Real-time, In-Memory Platforms

Ezequiel Gutesman

It is well known there is a race going on in the "Big Data" arena (take a drink for even thinking about the "Internet of Things"). One of the stronger competitors in the "Big Data" market is Real-Time, In-Memory Platforms. An interesting thing about this platform and, the one we will talk about specifically, is that it blends everything to increase performance. The database tables, webserver engine, webserver code, authorization, analytics engine, libraries, etc. are all optimized to, if possible, never touch the disk.

Surprisingly, this causes a perspective shift for the web and database application threat landscape and how security professionals should address it.

Ezequiel Gutesman is Director of Research at Onapsis. He has led security research projects for the last 10 years giving talks and presentations in international security conferences such as Black Hat, Hack.Lu and Ekoparty. Ezequiel is responsible for Onapsis innovation in cutting-edge ERP security assessment techniques and defensive technologies.



Peter Hlavaty - Attack on the Core

Peter Hlavaty

Kernel vulnerabilities was commonly used to obtain admin privileges, and main rule was to stay in kernel as small time as possible! But nowdays even when you get admin / root then current operating systems are sometimes too restrictive. And that made kernel exploitation nice vector for installing to kernel mode!

In this talk we will examine steps from CPL3 to CPL0, including some nice tricks, and we end up with developing kernel mode drivers.

Peter (@zer0mem) is a security researcher at KEEN Team (@K33nTeam) and his primary focus is kernel exploitation. Peter has 4+ years’ experience at IT security in different areas as malware research, developing anti-APT solutions or windows kernel dev & research.



Alex Ionescu - "SURPRISE TALK"

Alex Ionescu

Alex Ionescu is the Chief Architect at CrowdStrike, Inc. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last two editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as to over a few dozen non-security bugs.

Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT–based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV.



Richard Johnson - Fuzzing and Patch Analysis: SAGEly Advice

Last year, in “Taint Nobody Got Time for Crash Analysis”, we presented implementations of analyses performed on taint traces that included a tool to help determine input leading to a crash and an exploitability evaluation tool based on symbolic execution. This year we will expand on these topics with a study of our efforts towards improving the effectiveness of binary differential analysis (bindiff) and replicating Microsoft Research’s work on the “Scalable, Automated, Guided Execution” (SAGE) fuzzer. Richard Johnson is a computer security specialist in the area of software vulnerability analysis. Richard currently fills the role of Manager of Vulnerability Development in charge of vulnerability discovery, triage, and mitigation research within Cisco Sourcefire VRT, offering 12 years of expertise and leadership in the software security industry. Current responsibilities include research on exploitation echnologies and automation of the vulnerability triage and discovery process. Previous areas of security research and tool development include program execution tracing, taint analysis, fuzzing strategies, memory management hardening, compiler mitigations, disassembler and debugger design, and software visualization. Richard has released public code for binary integrity monitoring, program debugging, and reverse engineering and has presented annually at top-tier industry conferences worldwide for over a decade. Richard is also a co-founder of the Uninformed Journal.



Renaud Lifchitz - Quantum computing in practice

Renaud Lifchitz

There are a lot of fantasies and myths about quantum computers. Do they exist? In what are they useful? Dive into quantum computing and learn how to develop your own quantum algorithms and run them. Discover how cryptography will be affected and change in the next future.

Renaud Lifchitz is a French senior IT security consultant. He has a solid penetration testing, training and research background. His main interests are protocol security (authentication, cryptography, protocol security, information leakage, zero-knowledge proof, RFID security) and number theory (integer factorization and primality tests).

He currently mostly works on wireless protocols security and was speaker for the following international conferences: CCC 2010 (Germany), Hackito Ergo Sum 2010 & 2012 & 2014 (France), DeepSec 2012 (Austria), Shakacon 2012 (USA), 8dot8 2013 (Chile).



Rob Rachwald - The Nitty Gritty of Sandbox Evasion

Rob Rachwald

With organizations facing a deluge of cyber-attacks, virtual-machine sandboxing has become a popular tool for quickly examining legions of files for suspicious activity. These sandboxes provide isolated, virtual environments that monitor the actual behavior of files as they execute. In theory, this setup enables security professionals to spot malicious code that evades traditional signature-based defenses.

But sandboxes are only as good as the analysis that surrounds them. By themselves, sandboxes can only monitor and report file activity, not analyze it. And unfortunately for organizations that rely on them, the file-based sandboxes used by many vendors are proving oblivious to the latest malware. Attackers are using a variety of techniques to slip under the radar of these sandboxes, leaving systems just as vulnerable as they were before.

Rob Rachwald has worked in security for more than 15 years. At Intel, Rob worked on securing their supply chain management system. Additionally, Rob managed product marketing at code review companies Fortify and Coverity. Before joining FireEye, Rob was at Imperva for four years as the senior director of security strategy and oversaw Imperva¹s thought leadership initiatives.



Braden Thomas - Exploitation of a hardened MSP430-based device

Braden Thomas

This presentation walks through the reverse-engineering and exploitation of a hardened embedded device and provides certain techniques you can use to exploit similar devices. As MSP430 devices become more common, it is slowly becoming the norm to encounter devices in production with blown JTAG fuses. Previously, this was a significant hurdle. In 2008, Goodspeed described several attacks against the MSP's BSL (bootstrap loader). This presentation will review those attacks and describe the challenges facing a researcher attempting to perform them. This presentation will demonstrate how to reliably perform successful firmware extraction on a MSP430 with a blown JTAG fuse. Additionally, the presentation will cover what you might see while reverse-engineering MSP430 firmware. Finally, it will describe a software-only attack that uses a feature of BSL to extract sensitive data from RAM.

Braden is currently a senior research scientist at Accuvant, focusing on embedded research in the AMI and medical device industries. Prior to Accuvant, he worked as a Product Security Engineer at Apple for 6 years.

At Apple, Braden focused on drastically increasing the internal fuzzing throughput and coverage, as well as performing proactive security reviews for many high-profile features.



Guillaume Valadon, Nicolas Vivet - Detecting BGP hijacks in 2014

Guillaume Valadon

Nicolas Vivet

The main goal of this talk is to raise awareness of routing security issues by providing a tutorial on the BGP routing protocol and on the detection of specific routing events called IP prefixes hijacks. We hope that the security community that attends NSC will find interest in network-related issues. In a nutshell, such events happen when two network operators announce overlapping IP prefixes using BGP. As a consequence, IP packets could be delivered to these two operators. The final destination mainly depends on the home network of the sender. Overlapping announcements can disturb the whole Internet as observed in 2008 when YouTube traffic was partially redirected to Pakistan Telecom.

However, duplicated and overlapping announcements may also be legitimate when an operator wishes to distribute its DNS servers using anycast to filter out DDoS attacks, or needs to assign IPv4 resources to its clients. As a consequence, detecting and classifying hijacks is a challenging task, not only because the dataset is large (around 500 Gb per year), but also because of engineering and commercial practices.

We have been monitoring events that affect French network operators since 2011. This talk will present issues that must be addressed while trying to detect hijacks on the Internet, and focus on France as well as Europe to provide examples.

The outline of the talk will be the following: 1. how does BGP work ? 2. what are hijacks ? 3. engineering Best Current Practices defined by the networking community that could block them 4. offline detection: challenges & results 5. online detection & active measurements: challenges & results.

Guillaume is an Internet professional that works for ANSSI and holds a PhD in networking. He likes looking at data and crafting packets. In his spare time, he maintains Scapy and tries to learn reversing stuffs. Also, he still remembers what AT+MS=V34 means.

Nicolas is a network security engineer at ANSSI, French Network and Information Security Agency. He spends his days developing elegant solutions to Internet-scale problems. He also works on the security of a wide range of network related devices.



Damien Cauquil - Hardware Workshop - Fun with RF remotes

Damien Cauquil

RF remotes are cheap and everywhere, and pretty easy to hack: people knows about Software Defined Radio and how much fun it could bring to the masses. SDR is cool but requires some specific knowledge and not-very-affordable tools when it comes to send crafted RF signals, i.e. with an HackRF or a BladeRF board. This workshop will demonstrate how a RF remote basically works (electronics, RF protocol, data encoding) and how to turn it into an attack tool without using any microcontroller or computer.

No computer programming nor electronics skills required, only a brain and two hands. We will provide all further required materials to the attendees.

Damien Cauquil is the R&D Director at Sysdream, a French IT security company but also a professional pentester who loves reverse-engineering, coding and other security-related topics.

Les tickets Early bird sont limités en nombre...


TO BE SPONSORS sponsors@nosuchcon.org


sponsor_exclusive microsoft winamax

beyond




sponsor_platinium vupen econocom

fireeye airbus

intel trend micro




sponsor_sponsors thales lexfo eset

synacktiv cogiceo

oppida hsc sans

bull splunk lumisec

yes sysdream virtualabs

cdaisi ak crowdstrike


sponsor_medias ossir clusif misc

techtv cnis cesin

xmco
TL;DR
=====

Conference: NoSuchCon 2014
Date: 19-21 November
Venue: Paris, France
Motto: "the bullshit-free conference"
CFP deadline: September 30st 2014
Web: www.nosuchcon.org
Contact: cfp{at}nosuchcon.org
Twitter: @NoSuchCon

Details
=======

The USA are sucking oil from this planet up to the last bit. Russia has invaded Western Europe. Crypto has failed. You cannot wipe your a** with your Bitcoins, because it is not even paper. Justin Bieber almost lost his O-1 visa. Jade the Rabbit is dead. Only 7% of Yahoo! video chats actually involve nudity.

Clear signs that the end of the world is coming.

What are *you* going to do? Getting drunk with cheap Bud? Do yourself a favor: settle for no less than Champagne. Or at least Bordeaux wine. Submit to NoSuchCon 2014!

If you are not clever enough to have been abducted by Cicadia 3301, but still smart enough to be in the "cybersecurity" field those days, do not miss this unique opportunity to gather one more time before the Cybergeddon. Show up with never-seen-before and hardcore research materials to NoSuchCon 2014!

If you call yourself a hacker, but did not sell your company over $19bn (yet), stay calm and submit to NoSuchCon 2014! We provide free trips to Paris for the best of you!

This operation will be known as PONY COLLECTION. And do not worry, there will be NSA[*] members all around the place. Wearing orange T-Shirts. Just like last year[**].

It all started here: cfp{at}nosuchcon.org

At least if you can write at least 20 lines of text before September 30st.

Wow. Such Conference. So 2014. Many submissions.

[*] No Such Association
[**] https://twitter.com/k8em0/status/335258070471016448/photo/1

Program Committee
=================

Ange Albertini @angealbertini
Julio Auto @julioauto
Piotr Bania @piotrbania
Sergey Bratus @sergeybratus
Jonathan Brossard @endrazine
Cesar Cerrudo @cesarcer
Travis Goodspeed @travisgoodspeed
Alex Ionescu @aionescu
Tim Kornau
Itzik Kotler @itzikkotler
Aaron Portnoy @aaronportnoy
Nicolas Ruff @newsoft
Peter Van Eeckhoutte @corelanc0d3r
Nicolas Waisman @nicowaisman
Arnaud Abbati @noarfromspace
Xavier Mertens @xme
Jean-Philippe Aumasson @veorq
Bruce Monroe
Vincent Benony @bSr43
Saumil Shah @therealsaumil
Florian Ledoux @myst3rie
                            


uhuru

Hackathon Uhuru Mobile - détails et conditions opérationnelles



Trois téléphones Nexus 5, fournis par les organisateurs de la conférence et équipés de la dernière version Uhuru Mobile, seront disponibles sur place pendant les 3 jours.

Les téléphones seront en configuration client (chiffrés et initialisés). Les différents mots de passe (de déchiffrement et de déverrouillage) seront fournis aux participants.

L'objectif est de récupérer un fichier qui sera stocké dans les données des applications. Afin de valider la récupération du fichier, le participant doit remettre au jury l'ensemble des codes et ressources nécessaires à la reproduction de l'attaque.

Le prix est fixé à 300 euros pour le premier (à partager entre les gagnants s'ils ont joué en équipe). Le jury est constitué de personnels de la société Nov'IT et de l'association NoSuchAssociation. Le concours commence à l'ouverture de la conférence et se termine à la clôture de la conférence.

Il n'y pas d'inscription préalable, toute personne assise à la table du concours peut jouer. Toute personne qui quitte la table laisse sa place au suivant. Premier arrivé, premier servi.

davfi
uhuru



synacktiv

crackmips.tar.gz


Règles du jeu :

Le concours est ouvert à tous, sauf aux employés de Synacktiv et aux organisateurs de la conférence NSC.

La participation au challenge peut être anonyme mais le gagnant devra fournir son identité pour recevoir le lot.

Pour gagner le concours, il faut découvrir et envoyer un mot de passe vers une adresse email de la forme [0-9a-f]{16}@synacktiv.com. Ces deux éléments sont la solution du troisième challenge. Puis il faut renvoyer dans un délai de 10 jours une solution rédigée.

Le gagnant est la première personne à envoyer cet email.

La solution doit être rédigée en anglais ou en français et doit contenir les différentes démarches utilisées pour résoudre chaque étape du challenge, ainsi que les outils éventuels utilisés (les outils privés peuvent le rester mais l'auteur devra décrire leur fonctionnement général).

Le challenge se termine le lundi 3 novembre à 10h, heure de Paris.

Le prix pour le gagnant du challenge NSC 2014 est un billet d'entrée pour une conférence de sécurité ainsi que le remboursement des frais de transport et hébergement pour la conférence. Pour une valeur totale (billets et frais) maximale de 3000€.

Si aucune personne n'a résolu le challenge dans son intégralité lors de la clôture du challenge, les personnes étant arrivées au 3ème niveau seront invitées à envoyer une solution la plus complète possible avant le lundi 17 novembre à 10h. Synacktiv décidera du vainqueur suivant la qualité de la solution (seront privilégiées les solutions techniques originales et inventives, la forme est accessoire).

La participation est individuelle mais l'appel ponctuel à un ami est autorisé.

Seuls les IPs et services du challenge peuvent être attaqués.

Toute tentative de brute-force, déni de service, attaque physique ou mentale sur un organisateur entraînera un bannissement temporaire ou définitif.

Les tentatives pour soudoyer les organisateurs du challenge (bière ou saucisson en particulier) sont autorisées mais leur résultat ne peut être garanti.

Synacktiv divulguera des indices sur son compte twitter : Synacktiv

En prenant part au concours, les participants donnent tacitement leur accord pour la publication de leur réponse associée à leur nom ou pseudonyme.

Winners of the NSC challenge!

Fabien Perigaud

Solution: NSC_challenge_2014_FABIEN_PERIGAUD.zip



Outsider!

David Berard & Vincent Fargues

Solution: NSC_challenge_2014_D.BERARD_V.FARGUES.pdf



Eltrai & Frisk0

Solution: NSC_challenge_2014_Eltrai_Frisk0.pdf

PREVIOUS VERSION



logo_2013 techtv

PHOTOS GALERIES



nav_footer_left nav_footer_right