::: left till the conference

Main Stage Talks. Part 3

Previously we also told about the talks included in the ZeroNights 2021 main program in the news:

Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG

CVE-2021-26708 is assigned to five race condition bugs in the virtual socket implementation of the Linux kernel. These vulnerabilities were discovered and fixed by Alexander Popov

Earlier, he demonstrated how to exploit them for local privilege escalation on Fedora 33 Server for x86_64. And in this talk, Alexander will describe how he improved this exploit to bypass the Linux Kernel Runtime Guard (LKRG).

Exploring Galaxy. Building emulators to find vulnerabilities in modern phones

In this talk, Alexander Tarasikov will talk about vulnerabilities in the Secure Bootloader (S-Boot), Hypervisor (RKP) and TrustZone apps (TEEGRIS) on Samsung Galaxy phones with Exynos SoCs. He will cover approaches to finding bugs and their impact on end-user security. The focus will be on building custom emulators based on QEMU to facilitate debugging proprietary components, and how such emulators help in developing an exploit. 

Alexander will also discuss what developers/the industry could have done better to try to avoid such issues, as well as the limits of security engineering, which unfortunately make it impossible to prevent vulnerabilities entirely.

All of the issues have been responsibly disclosed to the vendor and have been patched by Samsung in 2019-2020. This talk does not present unpatched zero-days.

8 ways to spy on your consoles  

A quick look at different ways to record console input and output with working examples, pros and cons. The speaker is Ivan Agarkov.

Weird proxies/2 and a bit of magic

Reverse proxies and their variations are used everywhere in modern web applications for routing, caching, and access differentiation. This talk by Aleksei (GreenDog) Tiurin is dedicated to new research results about different reverse proxies and new possibilities brought by HTTP/2. It is a collection of tricks for exploiting various misconfigurations.

Other news
Financial Technologies Center supports ZeroNights X
Bug Bounty by Bitaps
Let’s make ZeroNights better