{"id":172867,"date":"2013-03-15T14:37:03","date_gmt":"2013-03-15T10:37:03","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=172867"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=172867","title":{"rendered":"Black Hat Europe 2013<\/span>"},"content":{"rendered":"
\t\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0434\u043e\u043a\u043b\u0430\u0434\u043e\u0432 (14-15 \u043c\u0430\u0440\u0442\u0430<\/a>) \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat Europe 2013<\/a>. \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u043d\u0430 \u043c\u0435\u0440\u043e\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u0445 \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0443\u044e\u0442\u0441\u044f \u0434\u043e\u043a\u043b\u0430\u0434\u044b \u0441 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c, \u043d\u0435 \u0441\u0442\u0430\u043b \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u0438 \u044d\u0442\u043e\u0442 \u0433\u043e\u0434. \u0421\u043f\u0438\u0441\u043e\u043a \u0434\u043e\u043a\u043b\u0430\u0434\u0447\u0438\u043a\u043e\u0432 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c<\/a>. \u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b\u0430 \u0432 \u0410\u043c\u0441\u0442\u0435\u0440\u0434\u0430\u043c\u0435. Black Hat \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u043f\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u043c, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u043e\u043a\u043b\u0430\u0434\u044b \u0432 \u0440\u0430\u0437\u043d\u044b\u0435 \u0433\u043e\u0434\u044b \u0437\u0430\u043b\u043e\u0436\u0438\u043b\u0438 \u0442\u0440\u0435\u043d\u0434\u044b \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 security analysis. \u041a\u0440\u043e\u043c\u0435 \u044d\u0442\u043e\u0433\u043e, \u043e\u043d \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044e, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 security analysis, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f.<\/p>\n

<\/a><\/p>\n

\u041e\u0434\u0438\u043d \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0434\u043e\u043a\u043b\u0430\u0434\u043e\u0432, \u043d\u0430 \u043d\u0430\u0448 \u0432\u0437\u0433\u043b\u044f\u0434, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b Zhenhua ‘Eric’ Liu, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Fortinet. \u0415\u0433\u043e \u0434\u043e\u043a\u043b\u0430\u0434<\/a> \u043d\u0430\u0437\u044b\u0432\u0430\u043b\u0441\u044f \u00abAdvanced Heap Manipulation in Windows 8\u00bb<\/b>.<\/p>\n

\u0414\u043e\u043a\u043b\u0430\u0434 \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 kernel pool \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u044f\u0434\u0440\u0430 \u0438 \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u0445\u043e\u0440\u043e\u0448\u0438\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a \u0443\u0436\u0435 \u0441\u0442\u0430\u0432\u0448\u0435\u043c\u0443 \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c\u0443 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0443 Tarjei Mandt (aka kernelpool) \u2014 \u00abKernel Pool Exploitation on Windows 7\u00bb<\/b>, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c<\/a>. \u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u043e\u043a\u043b\u0430\u0434\u0430 Tarjei Mandt<\/a>, \u043d\u043e\u0432\u044b\u0439 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u0438\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0443\u043b\u0430 \u043d\u0430 Windows 8. \u0422\u0430\u043a\u0436\u0435 \u044d\u0442\u043e\u0442 \u0434\u043e\u043a\u043b\u0430\u0434 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 user mode heap. \u041f\u043e\u043b\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0434\u043e\u043a\u043b\u0430\u0434\u0430<\/a>.<\/p>\n

Zhenhua Liu will present on Wednesday, March 15th at 2:00 pm its research paper entitled: \u201cAdvanced Heap Manipulation in Window 8\u201d. Inspired by the infamous \u00abHeap Feng Shui\u00bb technique, he will demonstrate an advanced method to manipulate the heap layout (both kernel pool and user heap) on Windows 8, hence enabling the exploitation of a whole class of vulnerabilities, which were previously rendered moot by built-in Windows 8 exploit mitigation improvements.<\/b><\/p><\/blockquote>\n

\u0414\u0440\u0443\u0433\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u0434\u043e\u043a\u043b\u0430\u0434 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u041d\u0438\u043a\u0438\u0442\u0430 \u0422\u0430\u0440\u0430\u043a\u0430\u043d\u043e\u0432 (NTarakanov) \u0438 \u041e\u043b\u0435\u0433 \u041a\u0443\u043f\u0440\u0435\u0435\u0432<\/a>. \u0418\u0445 \u0430\u043d\u0430\u043b\u0438\u0437 \u043d\u0430\u0437\u044b\u0432\u0430\u043b\u0441\u044f \u00abHuawei \u2014 from China with Love\u00bb<\/b>. \u0412 \u043d\u0435\u043c \u0438\u0434\u0435\u0442 \u0440\u0435\u0447\u044c \u043e \u043c\u043e\u0434\u0435\u043c\u0430\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 Huawei<\/a> \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432\u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441 \u043d\u0438\u043c\u0438, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u0438\u0445 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u043a\u043b\u0430\u0434 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c<\/a>.<\/p>\n

3G\/4G networks are getting popular more and more these days. Most of users nowadays have USB 3G\/4G modems \u2013 they\u2019re small, easy-to-use and pretty cheap. That\u2019s why we started this research. The main idea of it \u2013 find an opportunity to infect as much as possible.
As a result of this research we can say that software that manages the USB device is full of vulnerabilities (from Remote Code Execution to Local Privilege Execution) So, full pwnage of a box. The main goal of modem infection can become constructing world-wide botnet: from infecting one Website \u2014 to pwnage of all users of Huawei USB modems.<\/b> <\/p><\/blockquote>\n

\u041e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\/\u0441\u0430\u043d\u0434\u0431\u043e\u043a\u0441\u043e\u0432 (sandboxes) \u0434\u043e\u043a\u043b\u0430\u0434 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 Rafal Wojtczuk \u0438 Rahul Kashyap. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u00abThe sandbox roulette \u2014 are you ready for the gamble?\u00bb<\/b>. \u0412 \u043d\u0435\u0439 \u0434\u0430\u044e\u0442\u0441\u044f \u0437\u0430\u043c\u0435\u0442\u043a\u0438 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0442\u0438\u043f\u0430\u0445 \u0441\u0430\u043d\u0434\u0431\u043e\u043a\u0441\u043e\u0432. \u0421\u0430\u043c \u0434\u043e\u043a\u043b\u0430\u0434 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c<\/a>. \u0420\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0442\u0438\u043f\u043e\u0432 \u0441\u0430\u043d\u0434\u0431\u043e\u043a\u0441\u043e\u0432, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Sandboxie \u0438 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0441\u0430\u043d\u0434\u0431\u043e\u043a\u0441 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440 Google Chrome.<\/p>\n

This talk will present an in-depth, security focused, technical analysis of the application sandboxing technologies available today. It will provide a comparison framework for different vendor technologies that is consistent, measurable, and understandable by both IT administrators and security specialists.<\/b> In addition we will explore each of the major commercially available sandbox flavors, and evaluate their ability to protect enterprise data and the enterprise infrastructure as a whole. We will provide an architectural decomposition of sandboxing to highlight its advantages and limitations, and will interweave the discussion with examples of exploit vectors that are likely to be used by sophisticated malware to actively target sandboxes in the future. <\/p><\/blockquote>\n

\u0414\u043e\u043a\u043b\u0430\u0434\u044b, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438, \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c<\/a>.<\/p>\n

\t \t\t \t<\/p>\n

<\/div>\n<\/p><\/div>\n

\u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 http:\/\/habrahabr.ru\/company\/eset\/blog\/172867\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\t\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u0434\u043e\u043a\u043b\u0430\u0434\u043e\u0432 (14-15 \u043c\u0430\u0440\u0442\u0430<\/a>) \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0438 Black Hat Europe 2013<\/a>. \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u043d\u0430 \u043c\u0435\u0440\u043e\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u0445 \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u043f\u0440\u0435\u0437\u0435\u043d\u0442\u0443\u044e\u0442\u0441\u044f \u0434\u043e\u043a\u043b\u0430\u0434\u044b \u0441 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c, \u043d\u0435 \u0441\u0442\u0430\u043b \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u0438 \u044d\u0442\u043e\u0442 \u0433\u043e\u0434. \u0421\u043f\u0438\u0441\u043e\u043a \u0434\u043e\u043a\u043b\u0430\u0434\u0447\u0438\u043a\u043e\u0432 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0437\u0434\u0435\u0441\u044c<\/a>. \u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b\u0430 \u0432 \u0410\u043c\u0441\u0442\u0435\u0440\u0434\u0430\u043c\u0435. Black Hat \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u043f\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u043c, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u043e\u043a\u043b\u0430\u0434\u044b \u0432 \u0440\u0430\u0437\u043d\u044b\u0435 \u0433\u043e\u0434\u044b \u0437\u0430\u043b\u043e\u0436\u0438\u043b\u0438 \u0442\u0440\u0435\u043d\u0434\u044b \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 security analysis. \u041a\u0440\u043e\u043c\u0435 \u044d\u0442\u043e\u0433\u043e, \u043e\u043d \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044e, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u0438\u0437 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 security analysis, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-172867","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/172867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=172867"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/172867\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=172867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=172867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=172867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}