Domingo Montanaro (Information Security Specialist)
Presentation Title: Kernel Hacking - If I Really Know I Can Hack
Presentation Details:
This presentation intends to cover specifically the most necessary and most undocumented area of computer security: attacks on the core of the system (kernel-level attacks, which can defeat the existing security models). As we all know, security systems (such as PaX, LIDS, SELinux and others) generally run with kernel privileges and can be bypassed if the kernel itself has been compromised.
Attempts to protect kernel mode exist (such as the canary protection in kernel mode introduced by Windows 2003, and the pax-randkstack/noexec protections), but they are restricted to protecting against exploitation, not preventing the consequences of exploitation. St. Michael is an open-source project that covers Solaris and Linux (in the future, I plan to port it to NetBSD systems too) and tries to offer security integrity checks for those systems (it will check the filesystem, kernel structures and MBR of the system against any attempt to change them or any changes, and has the capability to recover the system or take it down).
During the presentation, many test attacks will be used to explain how StMichael actually works to defeat/detect attacks. Also, a sample will be shown, using StMichael and many other kernel security related tools (with a special focus on PaX).
About Domingo
Domingo Montanaro is an Information Security Specialist who has been working on high-technology crime investigation for private companies, mostly in the financial market, and also for law enforcement as a Forensics Connoisseur. He has expertise in Data Recovery, Incident Handling, Response and Tracking, Evidence Collection, Forensics and Anti-Forensics Search and Development, and Information Leakage issues. He is an organizer of H2HC - Hackers 2 Hackers Conference (Latin America’s most important hacking conference).
** Presenting with Rodrigo Rubira Branco