GuadalajaraCON 2012 by Websec
On April 20th, Websec held and information security conference called GuadalajaraCON 2012 in Guadalajara, Jalisco, Mexico. The conference was characterized by remarkable technical content and the high quality of its speakers.
Here you can find the presentations (in spanish) and software used during the event:
Hide and Find Rootkits in Linux (PDF)
This talk demonstrates different techniques used to hide and find rootkits in Linux systems by using SLAB, the reconstruction of the process table or through PROC/SYS's virtual system. More information.
Algebraic geometry for experimental cryptography (PDF) (SOFTWARE)
Here a new algebraic structure is explained, which meets the requirements needed to be cryptographically secure in terms of discrete logarithms in abelian groups. Known attacks aren't effective against this algebraic platform. More information.
Distributed port scanning (PDF) (DNMAP)
How to accomplish distributed port scanning using the cloud. Using this method, it was possible to scan 15 times the number of servers available on Shodan for Mexico. More information.
DotDotPwn 3.0 (PDF)
A tool designed to automate the process of testing for vulnerabilities such as Directory Traversal or Directory Escalation. Written in Perl, it can audit FTP, TFTP, HTTP or any web application. More information.
How to break RSA generated with OpenSSL (PDF) (SOFTWARE)
We we talk about how RSA works and we will break a random key in real-time generated using OpenSSL, we will then reconstruct the private key by using the public key and finally we will analyze the math behind this problem. More information.
Cryptography vs Stenography (PDF) (SOFTWARE)
Uses of discrete transformed trigonometry to optimize stenographic algorithms on digital images while avoiding increasing the data size and losing much quality in the image. More information.
USB Attack Toolkit (UAT) (PDF)
A tool called UAT (USB Attack Toolkit) for exploring and exploiting the USB protocol. The tool has many interesting functions such as a sniffer which works better than Wireshark for heavy loads and the possibility of fuzzing the USB protocol. More information.
Detecting intrusions on the network (PDF)
An attack using Metasploit will be demonstrated while showing the patterns that can be used to identify such attack. Additionally a sample of malware will be used. More information.
Case of Anti-Depredadores.org (PDF)
Our international speaker David Moreno (4v4t4r) demonstrated a recent case of the collaborative project against pedophiles on the Internet: Anti-Depredadores.org