120-Minute Intensive, Hands-On Sessions

18th November

16:00 - 18:00
By: Munawwar Hussain Shelia

In this lab, participants will write ARM Linux shell code to spawn a shell. We will also discuss a few tips on how to make your shellcode smaller and reliable so that it could be executed even in a very stringent environment where there is a restriction on the payload size and we will later do the hands-on on those concepts.

Writing a shellcode for Bare-metal system is very different from writing it for Operating System like Linux or Windows. I explain in detail how this shell code is different and how it is injected in the device, and I will also explain how this payload manages to control the hardware component connected to the device.

A demo attack on a vulnerable ARM-based IoT Device running a Bare-Metal firmware in which a buffer overflow vulnerability  is exploited to take control of the GPIO pins of the hardware will be shown.

19th November

16:00 - 18:00
By: Mars Cheng

There is a considerable gap between the background knowledge of industrial control systems and information security practitioners. Often, practitioners in the industrial control field do not understand information security, and the information security practitioners do not know anything about the industrial control field.

This LAB will specifically target students of various backgrounds so that they can get a glimpse of the mystery of industrial control information security. Based on MITRE ATT&CK for ICS, we will share and implement how to successfully obtain control of ICS from attacking industrial control protocols, and then share and implement how to detect and defend malicious attacks on these protocols.

18:00 - 20:00
By: Slawomir Jasek

In this lab you will get familiar with the very basics of BLE and its (in)security. You will however leave surprised – how many devices it is possible to “hack” using such simple techniques. Following a short introduction, we will dive straight into hands-on practical exercises with specially designed software  on the radio layer works exactly as real BLE device. You will only need a typical Windows 10 laptop and (preferably Android) phone to participate

18:00 - 21:00
By: Jorge Orchilles

In this two hour hands-on workshop you will play the role of both the red team and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise. Attendees will be able to create adversary emulation campaigns with SCYTHE and run them in a small environment consisting of a domain controller, member server, and a Linux system. Attendees will learn the basics of adversary emulation (powered by SCYTHE) and blue team tools such as Sysmon, WireShark, and others. It will be a fun two hours of hands-on learning!

20:00 - 22:00
By: Kaijern Lau, Wu ChenXu & Kong ZiQiao

In this lab we show you how to build your own fuzzers based on 1day bugs. We will discuss how we can use Qiling to work with IDA Pro, to combine the greatest static analysis tools with an emulation engine to archive cross platform and multi arch analysis. We also cover how we can dynamically analyze MBR binary (eg petya) with Qiling Framework.

20:00 - 22:00
By: Mathieu Favreaux

Timeless Analysis & Debugging builds upon captures of a time slice of a program or a full system execution to provide unique analysis features. By alleviating the need for iterative debugging sessions, it brings a new and powerful perspective to reverse-engineering problems such as vulnerability analysis.

This hands-on lab will use the Tetrane’s REVEN platform to introduce the concepts of Timeless Analysis and Debugging on a full system trace. You will be proposed exercises on pre-recorded reverse-engineering scenarios related to software running on Microsoft Windows.