While I've been active on Naver Knowledge iN, questions occasionally come up from people saying their mileage was hacked on game item brokerage sites.

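Among the sites I used to be active on, there was a community site for people who professionally sell items on ItemBay or ItemMania, and signs of hacking had already started to appear there before Chuseok.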

Because these are professional sellers, several million mileage per account was the norm, and they were hacked. It peaked during Chuseok. Numerous victims posted on the community.

Seen this way, it looks like either an inside job at the brokerage site or genuinely lax security. Given the current trend, I think it is probably ARP spoofing.

http://www.etnews.co.kr/news/detail.html?id=201010150100

This looks like it will be very useful for people doing reversing. Someone at the SIS cafe has neatly organized register terms such as EAX.

I should print it out and use it too. I'm learning reversing these days.....




Source: http://cafe.naver.com/nsis/46493

The presentation materials, audio files, video files, and more from Defcon 18 are available.

 

http://contagiodump.blogspot.com/2010/09/defcon-18-audio-in-mp3-files.html

Presentation materials: http://www.defcon.org/html/links/dc-archives/dc-18-archive.html

 

TRACK 1
  1. Track-1_Perspectives_in_Cybersecurity_and_Cyberwarfare_Max_Kelly
  2. Track 1 Meet the Feds - CSITCPIP Panel
  3. Track 1 DNS Systemic Vulnerabilities and Risk Management A Discussion Panel
  4. Track 1 Meet the Feds - Policy, Privacy, Deterrence and Cyber War Panel 
  5. Track 1 Enough Cyber Talk Already! Help Get this Collaboration Engine Running Riley Repko 
  6. Track 1 Open Letter - Call to Action Panel
  7. Track 1 Of Bytes and Bullets Panel 
  8. Track 1 Exploiting WebSphere Application Server’s JSP Engine Ed Schaller
  9. Track 1 Mastering the Nmap Scripting Engine Fyodor David Fifield
  10. Track 1 Meet the EFF Kevin Bankston- Eva Galperin- Jennifer Granick- Marcia Hofmann- Kurt Opsahl
  11. Track 1 Black Ops Of Fundamental Defense Web Edition Dan Kaminsky
  12. Track 1 Legal Developments in Hardware Hacking Jennifer Granick Matt Zimmerman
  13. Track 1 App Attack Surviving the Mobile Application Explosion Kevin Mahaffey John Hering
  14. Track 1 This is Not the Droid You’re Looking For Nicholas J. Percoco- Christian Papathanasiou
  15. Track 1 Practical Cellphone Spying Chris Paget
  16. Track 1 HD Voice - The Overdue Revolution Doug Mohney
  17. Track 1 These Aren’t the Permissions You’re Looking For  Anthony Lineberry- David Luke Richardson- Tim Wyatt
  18. Track 1 Mobile Privacy Tor on the iPhone and Other Unusual Devices Marco Bonetti
  19. Track 1 Resilient Botnet Command and Control with Tor
  20. Track 1 Ripping Media Off Of the Wire HONEY
  21. Track 1 The Search for Perfect Handcuffs... and the Perfect Handcuff Key Deviant Ollam- Dave- Dr. Tran- Ray
  22. Track 1 Attack the Key, Own the Lock Schuyler Towne- datagram
  23. Track 1 PCI Compromising Controls and Compromising Security Jack Daniel Panel
  24. Track 1 How I Met Your Girlfriend Samy Kamkar
  25. Track 1 Decoding reCAPTCHA Chad Houck- Jason Lee
  26. Track 1 So Many Ways to Slap A Yo-Ho Xploiting Yoville and Facebook for Tom Stracener Strace- Sean Barnum- Chris Peterson
  27. Track 1 Social Networking Special Ops Extending Data Visualization Tools The Suggmeister
  28. Track 1 Getting Social with the Smart Grid Justin Morehouse Tony Flick
TRACK 2

  1. Track 2 An Examination of the Adequacy of the Laws Related to Cyber Warfare Dondi West
  2. Track 2 Balancing the Pwn Trade Deficit Val Smith- Colin Ames- Anthony Lai
  3. Track 2 Build Your Own Security Operations Center for Little or No Money
  4. Track 2 Cloud Computing, a Weapon of Mass Destruction David VideoMan- M. N.Bryan- Michael Anderson
  5. Track 2 Cyber CrimeWarCharting Dangerous Waters Iftach Ian Amit
  6. Track 2 Cyberterrorism and the Security of the National Drinking Water Infrastructure John McNabb
  7. Track 2 Drivesploit Circumventing Both Automated AND Manual Wayne Huang
  8. Track 2 Exploiting SCADA Systems Jeremy Brown
  9. Track 2 Hacking and Protecting Oracle Database Vault Esteban Martínez Fayó
  10. Track 2 Hacking Oracle From Web Apps
  11. Track 2 How Unique Is Your Browser Peter Eckersley
  12. Track 2 Industrial Cyber Security Wade Polk- Paul Malkewicz- J. Novak
  13. Track 2 Kim Jong-il and Me How to Build a Cyber Army to Defeat the U.S. Charlie Miller
  14. Track 2 Lord of the Bing Taking Back Search Engine Hacking Rob Ragan- Francis Brown
  15. Track 2 Multiplayer Metasploit Tag-Team Penetration and Information Gathering Ryan Linn
  16. Track 2 NoSQL, No Injection Wayne Huang, Kuon Ding
  17. Track 2 Passive DNS Hardening Robert Edmonds- Paul Vixie
  18. Track 2 Powershell...omfg David Kennedy ReL1K-, Josh Kelley
  19. Track 2 SCADA and ICS for Security Experts How to Avoid Cyberdouchery James Arlen
  20. Track 2 Seccubus - Analyzing Vulnerability Assessment Data the Easy Way Frank Breedijk
  21. Track 2 SHODAN for Penetration Testers Michael Schearer
  22. Track 2 Tales from the Crypto G. Mark Hardy
  23. Track 2 The Night The Lights Went Out In Vegas Demystifying  Barrett Weisshaar, Garret Picchioni
  24. Track 2 The Power of Chinese Security Anthony Lai-Jake Appelbaum- Jon Oberheide.
  25. Track 2 Token Kidnapping's Revenge Cesar Cerrudo
  26. Track 2 Toolsmithing an IDA Bridge, Case Study for Building a RE tool Adam Pridgen, Matt Wollenweber
  27. Track 2 Wardriving the Smart Grid Practical Approaches to Attacking Utilit Shawn Moyer- Nathan Keltner
  28. Track 2 You Spent All That Money and You Still Got Owned Joseph McCray
TRACK 3
  1.     Track 3 0box Analyzer AfterDark Runtime Forensics for Automated Malware Analysis and Clustering Wayne Huang, Jeremy Chiu, Benson Wu
  2.     Track 3 A New Approach to Forensic Methodology - !!BUSTED!! Case Studies David C. Smith, Samuel Petreski
  3.     Track 3 Advanced Format String Attacks Paul Haas
  4.     Track 3 An Observatory for the SSLiverse Peter Eckersley, Jesse Burns
  5.     Track 3 Bad Memories Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, Dan Boneh
  6.     Track 3 Big Brother on the Big Screen FactFiction Nicole Ozer, Kevin Bankston
  7.     Track 3 Browser Based Defenses James Shewmaker
  8.     Track 3 Changing Threats To Privacy From TIA to Google Moxie Marlinspike
  9.     Track 3 Connection String Parameter Attacks Chema Alonso, José Palazón "Palako"
  10.     Track 3 Constricting the Web Offensive Python for Web Hackers Nathan Hamiel, Marcin Wielgoszewski
  11.     Track 3 Exploiting Internet Surveillance Systems Decius
  12.     Track 3 FOCA2 The FOCA Strikes Back Chema Alonso, José Palazón "Palako"
  13.     Track 3 Hacking DOCSIS For Fun and Profit Blake Self, bitemytaco
  14.     Track 3 Hacking Facebook Privacy Chris Conley
  15.     Track 3 How To Get Your FBI File (and Other Information You Want from the Federal Government) Marcia Hofmann
  16.     Track 3 How to Hack Millions of Routers Craig Heffner
  17.     Track 3 masSEXploitation Michael Brooks "The Rook"
  18.     Track 3 Open Source Framework for Advanced Intrusion Detection Solutions Patrick Mullen, Ryan Pentney
  19.     Track 3 Our Instrumented Lives Sensors, Sensors, Everywhere...Greg Conti
  20.     Track 3 pyREtic - In-memory Reverse Engineering for Obfuscated Python Bytecode Rich Smith
  21.     Track 3 Repelling the Wily Insider Matias Madou, Jacob West
  22.     Track 3 Search & Seizure & Golfballs Jim Rennie, Eric Rachner
  23.     Track 3 The Anatomy of Drug Testing Jimi Fiekert
  24.     Track 3 The Law of Laptop Search and Seizure Jennifer Granick, Kevin Bankston, Marcia Hofmann, Kurt Opsahl
  25.     Track 3 This Needs to be Fixed, and Other Jokes in Commit Statements Bruce Potter, Logan Lodge
  26.     Track 3 WPA Too Md Sohail Ahmad
  27.     Track 3 Your ISP and the Government Best Friends Forever Christopher Soghoian
TRACK 4
  1. track 4    Breaking Bluetooth by Being Bored JP Dunning
  2. track 4    Build a Lie Detector/Beat a Lie Detector Rain- urbanmonkey
  3. track 4    Build your own UAV 2.0 - Wireless Mayhem from the Heavens Michael Weigand- Renderman- Mike Kershaw
  4. track 4    Bypassing Smart-Card Authentication and Blocking Debiting Vulnerabilities in Atmel Cryptomemory-Based Stored-Value Systems Jonathan Lee- Neil Pahl
  5. track 4    DCFluX in: Moon-Bouncer Matt Krick
  6. track 4    Deceiving the Heavens to Cross the Sea Using the 36 Stratagems for Social Engineering Jayson E. Street
  7. track 4    Exploitation on ARM - Technique and Bypassing Defense Mechanisms Itzhak “zuk”” Avraham
  8. track 4    Exploiting Digital Cameras Oren Isacson- Alfredo Ortega
  9. track 4    ExploitSpotting: Locating Vulnerabilities Out of Vendor Patches Automatically Jeongwook Oh
  10. track 4    Extreme-Range RFID Tracking Chris Paget
  11. track 4    Function Hooking for Mac OSX and Linux Joe Damato
  12. track 4    Getting Root: Remote Viewing- Non-Local Consciousness Richard Thieme
  13. track 4    Hacking with Hardware: Introducing the Universal RF Usb Keboard Emulation Device - URFUKED Monta Elkins
  14. track 4    How Hackers Won the Zombie Apocalypse Dennis Brown
  15. track 4    Implementing IPv6 at ARIN Matt Ryanczak
  16. track 4    Insecurity Engineering of Physical Security Systems: Locks- Lies- and Videotape Marc Weber Tobias- Tobias Bluzmanis- Matt Fiddler
  17. track 4    IPv6: No Longer Optional John Curran
  18. track 4    Jackpotting Automated Teller Machines Redux Barnaby Jack
  19. track 4    Live Fire Exercise: Baltic Cyber Shield 2010 Kenneth Geers
  20. track 4    Physical Computing- Virtual Security: Adding the Arduino Microcontroller Leigh Honeywell- follower
  21. track 4    Physical Security Youre Doing It Wrong A.P. Delchi
  22. track 4    Programmable HID USB Keystroke Dongle Using the Teensy as a Pen Testing Device Adrian Crenshaw
  23. track 4    SMART Project: Applying Reliability Metrics to Security Vulnerabilities Blake Self- Wayne Zage- Dolores Zage
  24. track 4    VirGraff101: An Introduction to Virtual Graffiti Tottenkoph
  25. track 4    We Don’t Need No Stinkin Badges: Hacking Electronic Door Access Controllers Shawn Merdinger
  26. track 4    Weaponizing Lady GaGa- Psychosonic Attacks Brad Smith
  27. track 4    Web Services We Just Don’t Need Mike “mckt” Bailey
  28. track 4    Welcome and Making the DEF CON 18 Badge Dark Tangent- Joe Grand
TRACK 5
  1. Track 5 Air Traffic Control Insecurity 2.0 Righter Kunkel
  2. Track 5 Antique Exploitation aka Terminator 3.1.1 for Workgroups Jon Oberheide
  3. Track 5 Be a Mentor Marisa Fagan
  4. Track 5 Blitzableiter - the Release Felix FX Lindner
  5. Track 5 ChaosVPN for Playing CTFs mc.fly, ryd, vyrus, no_maam
  6. Track 5 Crawling BitTorrent DHTs for Fun Scott Wolchok
  7. Track 5 Defcon Security Jam III: Now in 3-D Panel
  8. Track 5 Electronic Weaponry or How to Rule the World While Shopping at Radio Shack Mage2
  9. Track 5 Evilgrade, You Still Have Pending Upgrades Francisco Amato- Federico Kirschbaum
  10. Track 5 Facial Recognition: Facts, Fiction; and Fcsk-Ups Joshua Marpet
  11. Track 5 FOE‚ The Release of Feed Over Email Sho Ho
  12. Track 5 From No Way to 0-day Weaponizing the Unweaponizable Joshua Wise
  13. Track 5 Gaming in the Glass Safe - Games DRM and Privacy Ferdinand Schober
  14. Track 5 Google Toolbar The NARC Within Jeff Bryner
  15. Track 5 Hacking .Net Applications A Dynamic Attack Jon McCoy
  16. Track 5 Hardware Hacking for Software Guys Dave King
  17. Track 5 Kartograph Finding a Needle in a Haystack or How to Apply Reverse Engineering Techniques to Cheat at Video Games Elie Bursztein Jocelyn Lagarenne
  18. Track 5 Katana Portable Multi-Boot Security Suite JP Dunning
  19. Track 5 Letting the Air Out of Tire Pressure Monitoring Systems Mike Metzger
  20. Track 5 Like a Boss: Attacking JBoss Tyler Krpata
  21. Track 5 Malware Freak Show 2 The Client-Side Boogaloo Nicholas J. Percoco, Jibran Ilyas
  22. Track 5 Malware Migrating to Gaming Consoles Embedded Devices an Antivirus-Free Safe Hideout For Malware Ahn Ki-Chan Ha Dong-Joo
  23. Track 5 My Life as a Spyware Developer Garry Pejski
  24. Track 5 oCTF: 5 years in 50 minutes Panel
  25. Track 5 Open Public Sensors and Trend Monitoring Daniel Burroughs
  26. Track 5 Operating System Fingerprinting for Virtual Machines Nguyen Anh Quynh
  27. Track 5 Pwned By The Owner What Happens When You Steal a Hacker’s Computer Zoz
  28. Track 5 Searching for Malware A Review of Attackers’ Use of Search Engines to Lure Victims David Maynor, Paul Judge, PhD
  29. Track 5 Securing MMOs A Security Professional’s View from the Inside metr0
  30. Track 5 The Games We Play Brandon Nesbit
  31. Track 5 Training the Next Generation of Hardware Hackers Andrew Kongs- Dr. Gerald Kane
  32. Track 5 Web Application Fingerprinting with Static Files Patrick Thomas
  33. Track 5 Who Cares About IPv6 Sam Bowne
  34. Track 5 WiMAX Hacking 2010 Pierce, Goldy, aSmig, sanitybit
  35. Track 5 Your Boss is a Douchebag... How About You Luiz effffn Eduardo
Early video from Defcon.org
  1. DEFCON 18 Hacking Conference Presentation By Joe Grand and Dark Tangent - Welcome And Behind The Scenes Of The DEFCON Badge - Slides.m4v
  2. DEFCON 18 Hacking Conference Presentation By Barnaby Jack - Jackpotting Automated Teller Machines Redux - Slides.m4v
  3. DEFCON 18 Hacking Conference Presentation By David Maynor and Paul Judge - Searching For Malware - Slides.m4v
  4. DEFCON 18 Hacking Conference Presentation By Chris Paget - Practical Cellphone Spying - Slides.m4v 
  5. DEFCON 18 Hacking Conference Presentation By Md Sohail Ahmad - WPA Too! - Slides.m4v
