Articles with tag: Hack In The Box
POSTED BY: George Chatzisofroniou / 11.05.2017

Lure10: Exploiting Windows Automatic Association Algorithm

Lure10 is a novel technique presented at the Hack-in-the-Box 2017 conference in Amsterdam that enables an attacker to automatically achieve a man-in-the-middle position against wireless devices running the Windows operating system. The attack requires no user interaction and exploits the "Wi-Fi Sense" feature found in recent versions of the Microsoft Windows platform.

POSTED BY: CENSUS / 26.04.2017

Hack In The Box 2017 Amsterdam

CENSUS researcher George Chatzisofroniou presented a novel WiFi attack technique named 'Lure10' at the CommSec track of the Hack In the Box 2017 conference in Amsterdam. The technique allows the automatic association of a Windows device to an attacker-controlled WiFi access point. The attacker may then mount a series of Man-in-the-Middle attacks to the victim device.

POSTED BY: Anestis Bechtsoudis / 18.06.2015

Fuzzing Objects d’ART — Hack In The Box 2015 Amsterdam

Hello, my name is Anestis Bechtsoudis and I’m a security engineer at CENSUS. I recently gave a talk on Android ART runtime fuzzing techniques at the Hack-in-the-Box 2015 Amsterdam security conference. The talk entitled “Fuzzing Objects d’ART — Digging Into the New Android L Runtime Internals”, analyzed a series of DEX smart fuzzing techniques targeting the bytecode optimization and compilation components of the new Android ART runtime.

POSTED BY: CENSUS / 18.06.2015

Hack in the Box 2015 Amsterdam

CENSUS security engineer Anestis Bechtsoudis delivered the "Fuzzing Objects d’ART" presentation at the Hack In The Box 2015 conference, in Amsterdam, Netherlands. The presentation provided an overview of the new Android Runtime (ART, introduced in the Android Lollipop release) and described the fuzzing mechanism that was required to identify bugs in the ART optimization process. Such bugs could be used by attackers to remotely execute code on any Android device running the Lollipop release.