Zeronights Saint-Petersburg 2018

Star 0

Talks

Title	Humans
Misconfiguration in development infrastructure
Blind XSS
Introduction into browser hacking
Unveiling the cloak: A behind-the-scenes look at what happens when you click that link	Ilya Nesterov
Reverse proxies & Inconsistency	Alexey Tiurin
Abusing UPnP to create the perfect cloaking framework
Ntlm Relay Reloaded: Attack methods you do not know	Jianing Wang , Junyu Zhou , Tencent Security Xuanwu Lab
Denial, anger, bargaining, depression and acceptance: Stages of reporting 0-days to Russian vendors	Kaspersky Lab
SD-WAN Internet Census	Denis Kolegov , Oleg Broslavsky
Zero Fax given	Luis Merino , Markus Vervier , Eric Sesterhenn
Massive Scale USB Device Driver Fuzz WITHOUT device	HC MA
Denial, anger, bargaining, depression and acceptance: Stages of reporting 0-days to Russian vendors
Atypical vulnerabilities
Redis post-exploitation
Turning your BMC into a revolving door	Alexandre Gazet , Joffrey Czarny , Fabien Perigaud
Spel injection
Vulnerability in compiler leads to stealth backdoor in software	David Baptiste
Diffing C source codes to binaries	Joxean Koret
NUClear explotion	Alexander Ermolov
SCADA projects from the point of view of hackers	Yuriy Gurkin
I <“3 XSS
PHP
PHP unserialize
Issues in Node.js Desktop applications (hypster_mode_ON in development)
ELF execution in Linux RAM
Automated approach to the analysis of network devices security
Defense. Change my mind!	Sergey
Who owned your code: Attack surfaces against Git web servers used by thousands of developers	Junyu Zhou , Wenxu Wu
Harder, Faster, Better, Stronger: The (Re)Evolution of the Hacker Con
BugBounty Automation	Sergey
Ways to automate testing Linux kernel exploits
Reveal the unseen: Getting access to sensitive data with graphic file editing libraries
Key methods of CSP bypassing	Ivan Chalykin
Researching Marvell Avastar Wi-Fi: from zero knowledge to over-the-air zero-touch RCE