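🎉 Agenda introduction 🎉 The sessions we're bringing you this time are:
✨The Road to Riches: From Binary Researcher to Bounty Hunter
✨ProMutator: Detecting Price Oracle Vulnerabilities in DeFi by Mutated Transactions
✨Hack The Real Box: an analysis of multiple campaigns by APT41's subgroup Earth Longzhi
✨When the NHI card component becomes a backdoor for hackers
✨Actually, your blue team is red. Stealing your red move from the blue side
Want to learn more about this year's other sessions? 🔎
We'll be giving everyone a sneak peek at more exciting sessions, so be sure to follow our fan page 👀
—
🔥 Get your tickets now and join this annual event 🔥
▌HITCON PEACE 2022
Date: 2022.08.19 (Fri) - 2022.08.20 (Sat)
Venue: Nangang Exhibition Center, Hall 2, 7F
Tickets: https://hitcon.kktix.cc/events/hitcon-peace-2022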
—
🎉 We're announcing part 5 of our sessions sneak peek! 🎉
✨The Road to Riches: From Binary Researcher to Bounty Hunter
✨ProMutator: Detecting Price Oracle Vulnerabilities in DeFi by Mutated Transactions
✨Hack The Real Box: an analysis of multiple campaigns by APT41's subgroup Earth Longzhi
✨When the NHI card component becomes a backdoor for hackers
✨Actually, your blue team is red. Stealing your red move from the blue side
Do you want to know more about HITCON 2022's sessions? 🔎
We will be announcing them in the upcoming weeks. Make sure to subscribe to our page. 👀
—
🔥Book your tickets to join this grand annual event🔥
▌HITCON PEACE 2022
Time: August 19-20, 2022
Location:Online/Onsite in Taipei Nangang Exhibition Center, Hall 2, 7F, Taiwan
Ticket:https://hitcon.kktix.cc/events/hitcon-peace-2022
—
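Organizers: Industrial Development Bureau, Ministry of Economic Affairs; Association of Hackers in Taiwan
Implementing organizations: Association of Hackers in Taiwan; Industrial Technology Research Institute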
【 HITCON PEACE 2022 Agenda|CyberWeapon: ZeroDay Vulnerability Discovery】
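▍The Road to Riches: From Binary Researcher to Bounty Hunter
In the past, we usually thought of bug bounties as vulnerability reward programs exclusive to the web field, but security researchers who focus on binary research are in fact starting to get opportunities to take part in bug bounties as well.
Compared with web vulnerabilities, binary vulnerabilities are often more severe and affect a wider scope. In recent years major vendors have started to pay attention to this type of vulnerability and have launched various bounty programs for this field!
If you are also a researcher who usually focuses on binaries, you will surely be interested in taking part in these bounty programs 💰
In this session, Lays will, from a reverse engineer's perspective, share his experience and takeaways from participating in major vendors' bug bounties in recent years, along with tips for reporting vulnerabilities, and explain how binary and web bug bounties differ.
Official agenda link ➡️ https://hitcon.org/2022/agenda/60d3504d-d837-4faa-aa6c-0a707b8f1730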
▍The Road to Riches: From Binary Researcher to Bounty Hunter
In the past, bug bounties were considered to be only for web security researchers. However, there are now bug bounty programs for researchers focused on reverse engineering of binaries as well.
The impact of this kind of research can be much bigger, and vendors have since come out with various bug bounties for these fields.
You might be interested in such bounty programs if your field of research has been focused on reverse engineering!
In this session, Lays will introduce us to the world of bug bounties, share his recent experiences with bounty programs from various vendors, and explain the differences between bounty programs for web and binary.
Link ➡️ https://hitcon.org/2022/agenda/60d3504d-d837-4faa-aa6c-0a707b8f1730
【 HITCON PEACE 2022 Agenda|Automated vulnerability discovery & malware research】
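▍ProMutator: Detecting Price Oracle Vulnerabilities in DeFi by Mutated Transactions
Among investment projects in the cryptocurrency market, the price oracle has always been a very important component. When prices go wrong, many projects suffer heavy losses, which makes it exactly the kind of target that catches a hacker's eye. On May 30 this year, an oracle vulnerability in the Anchor protocol caused a loss of about US$800,000.
So in this session, the speaker will focus on how ProMutator, an extensible security analysis framework, together with on-chain transaction data, can be used to find price oracle vulnerabilities!
Want to be a crypto bounty hunter? Want to get rich overnight? Come to this session!
Official agenda link ➡️ https://hitcon.org/2022/agenda/c62859f9-d6be-4cb8-984f-010f8c3bab71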
▍ProMutator: Detecting Price Oracle Vulnerabilities in DeFi by Mutated Transactions
In the world of DeFi, manipulation of price oracles is a very serious issue: when data or prices are manipulated in ways beneficial to attackers, it can cause serious losses to investors. This has been a high-value target. For example, on May 30th, 2022, a vulnerability in the Anchor protocol allowed its oracle to be manipulated and resulted in a loss of approximately $800,000.
In this session, we'll introduce how to use ProMutator, an expandable framework, to find price oracle vulnerabilities using the framework itself combined with data on the chain.
Don't miss this session if you're interested in finding riches on the blockchain!
Link ➡️ https://hitcon.org/2022/agenda/c62859f9-d6be-4cb8-984f-010f8c3bab71
【 HITCON PEACE 2022 Agenda|CyberWar: APT Groups Research】
▍Hack The Real Box: an analysis of multiple campaigns by APT41's subgroup Earth Longzhi
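When classifying and naming hacker groups, groups often overlap or are hard to tell apart, and the large APT41 group in particular has troubled researchers for a long time.
Just what tangled love-hate relationships exist between APT41 and groups such as Grayfly, Winnti, Earth Baku, GroupCC, Sparkling Goblin and Earth Longzhi? Let's keep watch….. wait, no.
In this session, researchers from Taiwan and Japan will team up for the analysis!
Using all kinds of real data (the APT groups' tactics, tool design, and so on), they will help everyone understand the connections between these groups.
If you want to learn how to analyze threat intelligence and how to head off trouble before it happens, this session is not to be missed!
Official agenda link ➡️ https://hitcon.org/2022/agenda/b8861eee-0d4b-4b8c-90c0-9fd9f4ccc8c4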
▍Hack The Real Box: an analysis of multiple campaigns by APT41's subgroup Earth Longzhi
It could be difficult to name and classify APT actors, and APT41 is one example: it had been troubling researchers for a long while. APT41's relationship with Grayfly, Winnti, Earth Baku, GroupCC, Sparkling Goblin and Earth Longzhi is a long-discussed and debated topic.
In this joint session of Japanese and Taiwanese researchers, we'll bring you insights and data, such as the TTPs of these groups and their tooling, to introduce the differences between these groups.
Come to this session if you're interested in threat intelligence, analysis, and how to prevent intrusions!
Link ➡️ https://hitcon.org/2022/agenda/b8861eee-0d4b-4b8c-90c0-9fd9f4ccc8c4
【 HITCON PEACE 2022 Agenda|Systemized Enterprise Cyber Security Management】
▍Actually, your blue team is red. Stealing your red move from the blue side
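What exactly happens when a blue team meets a god-tier red team ❓
If you're interested, don't miss this session, which has both a story and technical content ❗️
In 2021, the Exchange Server ProxyShell vulnerability caused a sensation.
So how should a blue team respond when it encounters an attack, and how did it use the traces left in the environment to successfully reproduce the ProxyShell exploit chain used by 🍊 at the time?
Finally, the whole attack will be examined from the blue team's perspective: if you were the attacker, what techniques would let you leave as few traces as possible in a heavily monitored environment!
Official agenda link ➡️ https://hitcon.org/2022/agenda/19178cd3-cd52-420b-999a-d432891b1782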
▍Actually, your blue team is red. Stealing your red move from the blue side
What happens when a blue team meets a top-tier red team?
Don't miss this session if you're interested in a talk with both a backstory and technical details!
We'll share how blue teams react against a high impact 0-day such as ProxyChain, and how to reconstruct the entire exploit chain from a post-exploit environment. Lastly, we'll share what the blue team experiences when they're engaging a top-tier red team, and how to not leave traces as an attacker.
Link ➡️ https://hitcon.org/2022/agenda/19178cd3-cd52-420b-999a-d432891b1782
【 HITCON PEACE 2022 Agenda|Cyber Attack on Critical Infrastructure】
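▍When the NHI card component becomes a backdoor for hackers
In Taiwan, the NHI card is practically indispensable 🧐
For many online services such as tax filing and public-sector services, authentication can be done with the NHI card as well as with the Citizen Digital Certificate. In recent years, because of the COVID-19 pandemic, mask and vaccine reservation services were added, raising NHI card usage considerably. With the card so widely adopted as an authentication medium, is the NHI card component used for authentication really secure?
In this session, the speaker will introduce the current architecture of the NHI card component and the vulnerabilities discovered, and will also explain how an attacker could use these vulnerabilities to achieve Remote Code Execution on the NHI card component.
At the end, the speaker will also share the interesting experience of going from reporting the weakness to helping the vendor fix it!
Official agenda link ➡️ https://hitcon.org/2022/agenda/f1a4c0f0-d5f9-4a1c-bcdd-dc3fd6109b26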
▍When the NHI card component becomes a backdoor for hackers
National Health Insurance (NHI) cards are something Taiwanese are highly likely to be using often.
Not only can they be used for taxes, for authenticating with services from the public sector, or as a substitute for a citizen digital certificate, they have also been combined with other services since COVID-19, such as applying for vaccines or buying masks, bringing their usage to the next level. Is it really safe when NHI cards have become an important authentication factor for identity on the Internet? How about their applets?
In this session, we'll introduce recent findings in Windows-based applets, including their architecture and the vulnerability we found, and go into the details of how to exploit it to achieve remote code execution.
Lastly, we'll share our experience of how a bug report turned into fixing the vulnerability for the vendor!
Link ➡️ https://hitcon.org/2022/agenda/f1a4c0f0-d5f9-4a1c-bcdd-dc3fd6109b26
#HITCON #HITCON2022 #HITCON_PEACE_2022 #HITCON2022_AGENDA