The next (May) HackFormers meeting will be held on May 5th, 2017 at the BSides Austin 2017 event/location. It is free and open to all HackFormers and BSides attendees.
PLEASE READ THIS ENTIRE POST BEFORE REGISTERING.
— SPECIAL NOTE —
In order to attend the HackFormers event, you must have a printed parking permit to enter and park on the JJ Pickle campus. NOTE: You do not need to register on the BSides Austin site as was originally communicated. Please print your PARKING PERMIT here
Trainer/Speaker: John deGruyter (@johndegruyter)
Date: May 5th, 2017 (Friday)
Meeting Time: 9:00 am – 12:00 pm. Training followed by the HackFormers talk.
Venue: BSides Austin 2017 location. JJ Pickle Research Center
Address: 10100 Burnet Road, Bldg 137. Austin, TX 78758. (512) 341-7000
Note: This is not the usual Microsoft location; the event is co-located with BSides Austin at the same venue.
Link to register for HackFormers event only:
Abstract:
In the Teach Security part of this talk, John will give a technical breakdown of a recently discovered vulnerability in the usbpcap driver (CVE-2017-6178) and show how it can be leveraged to elevate privileges from within the Windows kernel. Details about this hands-on training are given below. In the Teach Christ and Security in Christ part of this talk, John will share on “Evolving Purpose, The (ongoing) Journey of a Hungry Hacker”.
Speaker Bio:
John deGruyter started his professional career in the 90s humping a pack and carrying an M-16 in the United States Marine Corps. Now, he enjoys taking things apart and studying how they work on a low level. His hunger for learning soon developed into a passion for teaching. He is a regular speaker at local security meetups and has written course material and taught as an adjunct professor for The George Washington University.
- An overview of the Windows kernel
- Virtual memory
- Privilege levels
- Object manager
- Interacting with drivers and devices
- Analyzing crash dumps and live debugging with WinDbg
Required Materials:
Students will be required to bring a laptop running VMware Workstation or VMware Fusion. (The 30-day trial is fine.)
The following virtual machine will be required:
- Windows 8 32-bit, unpatched (a free trial is available here: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-8-enterprise)