SecDocs Feed for author Felix 'FX' Lindner

[Audio] Building Custom Disassemblers

Wed, 25 Apr 2012 06:38:44 +0200

Authors: Felix 'FX' Lindner
Tags: reverse engineering
Event: Chaos Communication Congress 27th (27C3) 2010
Abstract: The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This talk is meant to be a tutorial on how to approach the task, what to focus on first and what surprises one may be in for. The primary focus will be on the transformation of byte code back into mnemonic representation where only the reverse transformation is available (i.e. you have the respective assembler). It also covers how to integrate your new disassembler into your reverse engineering tool chain.

[Video] Building Custom Disassemblers

Sun, 22 Apr 2012 13:12:03 +0200

[Video] Apple vs. Google Client Platforms

Tue, 20 Mar 2012 06:36:19 +0100

Authors: Felix 'FX' Lindner
Tags: Mac OS X Google iPhone
Event: Chaos Communication Congress 28th (28C3) 2011
Abstract: We will discuss the two different approaches Apple and Google take for the client platforms iPad and Chromebook, how they are similar and how they are not. From the security architecture and integrity protection details to your account and identity that links you firmly back to the respective vendor, we will provide the big picture with occasional close-up shots. Here is what powers the vendor has over you, or what powers he gives to arbitrary unwashed attackers at conferences through fails in logic, binary or HTML.

[Audio] Apple vs. Google Client Platforms

Tue, 20 Mar 2012 06:36:18 +0100

[Paper] Developments in Cisco IOS Forensics

Sat, 28 Jan 2012 06:52:56 +0100

Authors: Felix 'FX' Lindner
Tags: Cisco
Event: Black Hat EU 2008

[Slides] Analysing Complex Systems: The BlackBerry Case

Sun, 15 Jan 2012 06:34:41 +0100

Authors: Felix 'FX' Lindner
Tags: BlackBerry phone
Event: Black Hat EU 2006

[Slides] Analysing Complex Systems: the BlackBerry Case

Wed, 04 Jan 2012 06:49:09 +0100

Authors: Felix 'FX' Lindner
Tags: BlackBerry
Event: Black Hat USA 2006

[Slides] Lessons Learned When The Cisco Guys Went to Windows land

Sat, 17 Dec 2011 11:02:49 +0100

Authors: Felix 'FX' Lindner
Tags: Windows Cisco
Event: Black Hat Windows Security 2004

[Slides] Practical Win32 and UNICODE Exploitation

Sat, 10 Dec 2011 06:38:52 +0100

Authors: Felix 'FX' Lindner
Tags: Windows
Event: Black Hat EU 2004

[Slides] Vulnerability Finding in Win32—A Comparison

Thu, 01 Dec 2011 06:53:26 +0100

Authors: Felix 'FX' Lindner
Tags: Windows bug hunting
Event: Black Hat USA 2004

[Slides] Routing and Tunneling Protocol Attacks

Wed, 23 Nov 2011 06:38:52 +0100

Authors: Felix 'FX' Lindner
Tags: routing VPN
Event: Black Hat Windows Security 2002

[Slides] Attacking Networked Embedded Systems

Sun, 20 Nov 2011 06:44:43 +0100

Authors: Felix 'FX' Lindner
Tags: embedded
Event: Black Hat USA 2002

[Slides] Attacking Networked Embedded Systems

Sun, 13 Nov 2011 06:25:26 +0100

Authors: Felix 'FX' Lindner
Tags: embedded
Event: Black Hat Asia 2002

[Slides] Routing Protocol Attacks

Mon, 31 Oct 2011 06:54:52 +0100

Authors: Felix 'FX' Lindner
Tags: routing
Event: Black Hat EU 2001

[Slides] Design Issues and Software Vulnerabilities in Embedded Systems

Fri, 21 Oct 2011 09:00:33 +0200

Authors: Felix 'FX' Lindner
Tags: embedded
Event: Black Hat Windows Security 2003

[Slides] Design and Software Vulnerabilities In Embedded Systems

Sun, 16 Oct 2011 14:56:49 +0200

Authors: Felix 'FX' Lindner
Tags: embedded
Event: Black Hat EU 2003

[Slides] More (Vulnerable) Embedded Systems

Sat, 08 Oct 2011 11:15:02 +0200

Authors: Felix 'FX' Lindner
Tags: vulnerability embedded
Event: Black Hat USA 2003

[Slides] Cisco Vulnerabilities - Yesterday, Today and Tomorrow

Thu, 06 Oct 2011 10:48:51 +0200

Authors: Felix 'FX' Lindner
Tags: router vulnerability Cisco
Event: Black Hat Federal 2003

[Paper] Blitzableiter - the Release

Tue, 13 Sep 2011 09:40:59 +0200

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: Black Hat USA 2010
Abstract: The talk presents a simple but effective approach for securing Rich Internet Application (RIA) content before using it. Focusing on Adobe Flash content, the security threats presented by Flash movies are discussed, as well as their inner workings that allow such attacks to happen. Some of those details will make you laugh, some will make you wince. Based on the properties discussed, the idea behind the defense approach will be presented, as well as the code implementing it and the results of using it in the real world. After a year of development, we hope to release a working tool to the world, so you can apply the defense technique to your web browser.

[Slides] Blitzableiter - the Release

Mon, 12 Sep 2011 22:05:25 +0200

[Slides] Blitzableiter - Securing Adobe Flash

Thu, 14 Apr 2011 20:18:08 +0200

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: Black Hat Abu Dhabi 2010
Abstract: The talk presents a simple but effective approach for securing Adobe Flash content before using it. The security threats presented by Flash movies are discussed, as well as their inner workings that allow such attacks to happen. Some of those details will make you laugh, some will make you wince. Based on the properties discussed, the idea behind the defense approach will be presented, as well as the code implementing it and the results of using it in the real world.

[Paper] Blitzableiter - Securing Adobe Flash

Thu, 14 Apr 2011 20:17:36 +0200

[Video] Blitzableiter - the Release

Sat, 26 Feb 2011 11:14:51 +0100

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: DEFCON 18

[Slides] Blitzableiter - the Release

Sat, 26 Feb 2011 11:08:14 +0100

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: DEFCON 18

[Audio] Blitzableiter - the Release

Sat, 26 Feb 2011 11:06:35 +0100

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: DEFCON 18

[Audio] Developments in Cisco IOS Forensics

Sun, 18 Jul 2010 14:33:00 +0200

Authors: Felix 'FX' Lindner
Tags: forensic router Cisco
Event: Black Hat USA 2008

[Slides] Developments in Cisco IOS Forensics

Sun, 18 Jul 2010 14:33:00 +0200

Authors: Felix 'FX' Lindner
Tags: forensic router Cisco
Event: Black Hat USA 2008

[Video] Developments in Cisco IOS Forensics

Sun, 18 Jul 2010 14:33:00 +0200

Authors: Felix 'FX' Lindner
Tags: forensic router Cisco
Event: Black Hat USA 2008

[Paper] Router Exploitation

Mon, 15 Mar 2010 11:04:00 +0100

Authors: Felix 'FX' Lindner
Tags: router exploiting Cisco
Event: DEFCON 17

[Video] Router Exploitation

Mon, 15 Mar 2010 11:04:00 +0100

Authors: Felix 'FX' Lindner
Tags: router exploiting Cisco
Event: DEFCON 17

[Audio] Router Exploitation

Mon, 15 Mar 2010 11:02:00 +0100

Authors: Felix 'FX' Lindner
Tags: router exploiting Cisco
Event: DEFCON 17

[Video] Defending the Poor

Wed, 03 Feb 2010 06:04:39 +0100

Authors: Felix 'FX' Lindner
Tags: Rich Internet Applications Flash
Event: Chaos Communication Congress 26th (26C3) 2009
Abstract: The talk will discuss a class of in-the-wild malware and exploits, reasons for it's success as well as reasons why protecting against it in common ways is not effective. This will be done by examining the internals of the attacked subject. Following this, the second part of the talk will present an alternative protection mechanism, which the presenter believes prevents large parts of this class of attacks. The mechanisms and code to do this will be presented and released. The talk presents a simple but effective approach for securing Rich Internet Application (RIA) content before using it. Focusing on Adobe Flash content, the security threats presented by Flash movies are discussed, as well as their inner workings that allow such attacks to happen. Some of those details will make you laugh, some will make you wince. Based on the properties discussed, the idea behind the defense approach will be presented, as well as the code implementing it and the results of using it in the real world.

[Video] Analysing Complex Systems: The BlackBerry Case

Tue, 29 Dec 2009 06:11:48 +0100

Authors: Felix 'FX' Lindner
Tags: BlackBerry
Event: DEFCON 14

[Audio] Analysing Complex Systems: The BlackBerry Case

Tue, 29 Dec 2009 06:11:47 +0100

Authors: Felix 'FX' Lindner
Tags: BlackBerry
Event: DEFCON 14

[Audio] Toying With Barcodes

Sun, 15 Nov 2009 02:49:20 +0100

Authors: Felix 'FX' Lindner
Tags: barcode
Event: DEFCON 16

[Audio] Developments in Cisco IOS Forensics

Sun, 15 Nov 2009 02:49:19 +0100

Authors: Felix 'FX' Lindner
Tags: forensic Cisco
Event: DEFCON 16

[Slides] Router Exploitation

Tue, 15 Sep 2009 23:46:00 +0200

Authors: Felix 'FX' Lindner
Tags: router exploiting
Event: Black Hat USA 2009

[Paper] Router Exploitation

Tue, 15 Sep 2009 23:34:00 +0200

Authors: Felix 'FX' Lindner
Tags: router exploiting
Event: Black Hat USA 2009

[Video] Toying With Barcodes

Wed, 08 Apr 2009 23:33:00 +0200

Authors: Felix 'FX' Lindner
Tags: barcode
Event: DEFCON 16

[Video] Developments in Cisco IOS Forensics

Wed, 08 Apr 2009 01:20:00 +0200

Authors: Felix 'FX' Lindner
Tags: forensic Cisco
Event: DEFCON 16

[Slides] Developments in Cisco IOS Forensics

Wed, 08 Apr 2009 00:47:00 +0200

Authors: Felix 'FX' Lindner
Tags: forensic Cisco
Event: DEFCON 16

[Video] Cisco IOS attack and defense

Wed, 25 Mar 2009 11:15:00 +0100

Authors: Felix 'FX' Lindner
Tags: exploiting Cisco
Event: Chaos Communication Congress 25th (25C3) 2008
Abstract: The talk will cover the past, present and future of Cisco IOS hacking, defense and forensics. Starting from the historic attacks that still work on less well managed parts of the Internet, the powerful common bugs, the classes of binary vulnerabilities and how to exploit them down to the latest methods and techniques, this session will try to give everything in one bag.

[Paper] Developments in Cisco IOS Forensics

Sat, 01 Mar 2008 22:57:00 +0100

Authors: Felix 'FX' Lindner
Tags: forensic Cisco
Event: Black Hat DC 2008
Abstract: Cisco System’s routers running Cisco IOS are still the prevalent routing platform on the Internet and corporate networks. Their huge population, architectural deficiencies and hugely diverse version distribution make them a valuable target that gains importance as common operating system platforms are closed down and secured. This paper takes the position that the currently used, well accepted practices for monitoring, debugging and post mortem crash analysis are insufficient to deal with the threat of compromised IOS devices. It sets forth a different method that reduces the requirement for constant logging, favoring on- demand in-depth analysis in case of suspicion or actual device crashes. The paper concludes by presenting the current state in the development of software supporting the proposed method and requesting feedback from the community on the software’s future directions.