Moti Joseph has been involved in computer security. In the last few years he has been working on reverse engineering exploit code and developing security products. He has worked for CheckPoint and WebSense. Also he has given speech on BlackHat2007, ShakaCon2009, POC2009, CONF2009, SYSCAN2010.
Xu Hao keeps on developing security products and researching advanced security technology. Main research areas: Windows kernel, Rootkit and malware, hardware virtualization technology, reverse engineering, smart card & PKI, Mac OSX security. He has spoken at XCON2008, XCON2009, POC2009, SYSCAN2010.
We will tell you the whole story about our working on a 0day for Windows. First we talk about how to find the vulnerable code and show you how good it is. Then we analyze the details and try to find out how to trigger it. After that, we find the limitation of this 0day which really breaks our heart. At last, we will show demos how this 0day can be exploited.
This topic is not very much about technique. It is a real story about how hacker works and we disclose the 0day we found. Hope everyone will enjoy it.