Abusing LUKS to Hack the System

Presented at DeepSec 2016 „Ten“, Unknown date/time (Unknown duration).

Most security issues are carried out remotely over the network. Local attacks are less "useful" and so this is a less explored area. On the other hand, local exploitation is a typical scene of Hollywood movies: the hacker face to face with the target system (and a keyboard in between).  In this presentation we will show in action the well known principle that "complexity is the enemy of security". It is very easy to make mistakes when adding new functionality to existing systems. Do you remember the GRUB 28 bug?. After we found that bug, we reviewed the rest of the Linux boot sequence...

Presenters:

  • Ismael Ripoll - Universidad Politécnica de Valencia & University of the West of Scotland
    Ismael Ripoll received his PhD in computer science from the Universitat Politecnica de Valencia in 1996, where he is professor of several cybersecurity subjects in the Department of Computing Engineering. Before working on security, he participated in multiple research projects related to hypervisor solutions for European spacecrafts; dynamic memory allocation algorithms; Real-Time Linux; and hard real-time scheduling theory. Currently, he is applying all this background to the security field. His current research interests include memory error defense/attacks techniques (SSP and ASLR) and software diversification. Ismael Ripoll is a Cybersecurity researcher at UPV Cybersecurity group. Hector Marco-Gisbert have received the Ph.D. degree in computer science, CyberSecurity in 2015. Initially, he participated in several research projects where the main goal was to develop an hypervisor for the next generation of space crafts for the ESA (European Space Agency). He contributed to extend the scope of the projects to include security aspects using the MILS (Multiple Independent Levels of Security/Safety) architecture. Currently, Hector Marco is a lecturer in Cyber Security and Virtualisation at the University of the West of Scotland. His research aims to identify and thwart critical security threats focusing on servers and smartphone platforms. His interests includes study and design new low level attacks and protection mechanisms. He revisited mature and well known techniques, as SSP (Stack Smashing Protection) and ASLR (Address Space Layout Randomization), and he was able to make substantial contributions like RenewSSP and ASLR-NG. He has also received awards and recognitions from Google and Packet Storm Security for his security contributions to the Linux kernel.
  • Hector Marco - Universidad Politécnica de Valencia & University of the West of Scotland
    Ismael Ripoll received his PhD in computer science from the Universitat Politecnica de Valencia in 1996, where he is professor of several cybersecurity subjects in the Department of Computing Engineering. Before working on security, he participated in multiple research projects related to hypervisor solutions for European spacecrafts; dynamic memory allocation algorithms; Real-Time Linux; and hard real-time scheduling theory. Currently, he is applying all this background to the security field. His current research interests include memory error defense/attacks techniques (SSP and ASLR) and software diversification. Ismael Ripoll is a Cybersecurity researcher at UPV Cybersecurity group. Hector Marco-Gisbert have received the Ph.D. degree in computer science, CyberSecurity in 2015. Initially, he participated in several research projects where the main goal was to develop an hypervisor for the next generation of space crafts for the ESA (European Space Agency). He contributed to extend the scope of the projects to include security aspects using the MILS (Multiple Independent Levels of Security/Safety) architecture. Currently, Hector Marco is a lecturer in Cyber Security and Virtualisation at the University of the West of Scotland. His research aims to identify and thwart critical security threats focusing on servers and smartphone platforms. His interests includes study and design new low level attacks and protection mechanisms. He revisited mature and well known techniques, as SSP (Stack Smashing Protection) and ASLR (Address Space Layout Randomization), and he was able to make substantial contributions like RenewSSP and ASLR-NG. He has also received awards and recognitions from Google and Packet Storm Security for his security contributions to the Linux kernel.

Links:

Similar Presentations: