What happens when you type google.com in a browser and press Enter? And what happens when you press the button "Sign in with Google" in the browser? Two of our speakers - Mauro Tempesta from the team bacaro_tour and Nikita Stupin from Mail.ru - know well the answer to the second question. Nikita will tell us about vulnerabilities OAuth 2.0 on moble devices and also he will show the most common and crucial vulnerabilities of usual OAuth 2.0, the mechanisms of defense and typical mistakes of developers. Mauro will present WPSE - a browser-side security monitor for web protocols which helps to prevent attacks on OAuth and SAML and to find vulnerabilities in different implementations of OAuth and its analogues.
In case you need it, the answer to the first question is here:
https://github.com/alex/what-happens-when
And you can register for the conference here:
https://ructf.org/registration/
In case you need it, the answer to the first question is here:
https://github.com/alex/what-happens-when
And you can register for the conference here:
https://ructf.org/registration/
We now have a hotline!
+7 999 565 55 35
You can call us at any time of night and day and ask us anything that may concern you.
Mobile connection for foreign teams in Russia and our hotline is provided by MegaFon, we really appreciate that!
+7 999 565 55 35
You can call us at any time of night and day and ask us anything that may concern you.
Mobile connection for foreign teams in Russia and our hotline is provided by MegaFon, we really appreciate that!
We will spend first two days of RuCTF in Ural Hi-Tech Park! This place is great for conferences: big hall, separate rooms for workshops and round table.
We understand that it is quite far away from city center, and have a solution to this problem. We've set up free buses going from the center.
You can get on it in the morning at Ural Opera Theater and Square 1905 station and get back in the evening.
Exact position of the bus stops is on the map: ruc.tf/map. There will be volunteers waiting on them with RuCTF signs.
We understand that it is quite far away from city center, and have a solution to this problem. We've set up free buses going from the center.
You can get on it in the morning at Ural Opera Theater and Square 1905 station and get back in the evening.
Exact position of the bus stops is on the map: ruc.tf/map. There will be volunteers waiting on them with RuCTF signs.
In the middle of the day you can use bus №25 from the city center. It costs 28₽, you can pay with cash or PayPass/PayWave/Apple Pay/Google Pay.
Good morning!
RuCTF will starts today! You can get badge from 10:00 till the end of the day.
Opening ceremony will take place at 11:00 in Conference Hall, full timetable is here: https://ructf.org/events
Just to remind you: hotline is +7 999 565 55 35 and buses’ timtable is here: https://news.1rj.ru/str/RuCTF_En/432
RuCTF will starts today! You can get badge from 10:00 till the end of the day.
Opening ceremony will take place at 11:00 in Conference Hall, full timetable is here: https://ructf.org/events
Just to remind you: hotline is +7 999 565 55 35 and buses’ timtable is here: https://news.1rj.ru/str/RuCTF_En/432
The opening ceremony of RuCTF in conference hall on the second floor is already in motion!
Tour around technopark, launches of workshops and start of the conference awaits you after several welcoming words.
If you still aren't here, pick up your badge at registration table and hurry over here!
Tour around technopark, launches of workshops and start of the conference awaits you after several welcoming words.
If you still aren't here, pick up your badge at registration table and hurry over here!
Right now, a tour of the Hi-Tech Park for the participants of the event from Nuriev Marat Ravilovich!
Await in the coffee break area.
Await in the coffee break area.
If you could not come to our conference, watch the broadcast on YouTube!
Link: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
First report is at 12.30.
Link: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
First report is at 12.30.
First talk of the conference is "Useful Burp Suite plugins and another tips and tricks", Denis Rybin, Digital Security
It will happen in the conference hall
Or watch the stream: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
It will happen in the conference hall
Or watch the stream: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
Here is everything about first day at HackZone room, briefly:
There will be a lot of interactivity: keyboards, Lockpicking, hardware quests.
Start is at 13.30. Events will go like this:
📎Mechanical keyboards, Flumeded
📎Develop your own mechanical keyboard, The2lb3oz4dr10gr Of Hedgehogs
📎Lockpicking, Nipnull
📎17.00 Points of Failure, Maxim Dok2D
Full schedule: https://ructf.org/en/events/
There will be a lot of interactivity: keyboards, Lockpicking, hardware quests.
Start is at 13.30. Events will go like this:
📎Mechanical keyboards, Flumeded
📎Develop your own mechanical keyboard, The2lb3oz4dr10gr Of Hedgehogs
📎Lockpicking, Nipnull
📎17.00 Points of Failure, Maxim Dok2D
Full schedule: https://ructf.org/en/events/
"From memory leak to RCE: how dangerous can be processing of mediafiles" by Ilja Bulatov, Digital Security talk is going right now
Stream: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
Stream: https://www.youtube.com/watch?v=udcQ6Kaz_Ho
Main topic of the talk: attacks on web-apps for media-file processing. Vulnerability exploit case study and famous cases of most prominent exploits.
First part of the day is over!
Right now you can freely take part in other events.
Don't forget about the lunch at 15:00
!WARNING!
Don't get up on the 3rd or 4th floor, they aren't in the RuCTF
Right now you can freely take part in other events.
Don't forget about the lunch at 15:00
!WARNING!
Don't get up on the 3rd or 4th floor, they aren't in the RuCTF
You can head out to the restaurant on the first floor already.
If you are a contestant, take a look in your bag, you've been given 2 food tickets
If you are a contestant, take a look in your bag, you've been given 2 food tickets
Hey,
we've got a new feature, especially for you!
Our @ret2retro_bot is ready to turn you and your team photos into retro. Just send him a photo and be ready to catch the wave! If you prefer web interface, bot is waiting you on ret2retro.ruc.tf
Prepare your teammates to diving into the fashion!
And don't forget to share it with #RuCTF and #ret2retro tags.
we've got a new feature, especially for you!
Our @ret2retro_bot is ready to turn you and your team photos into retro. Just send him a photo and be ready to catch the wave! If you prefer web interface, bot is waiting you on ret2retro.ruc.tf
Prepare your teammates to diving into the fashion!
And don't forget to share it with #RuCTF and #ret2retro tags.
Forwarded from RuCTF
итог. ED_BurpPluginsRuCTF2019 (2).pdf
3.4 MB