All workshops begin at 2pm (Nov 29).
Ghidra For ARM
| Speaker | Maximilien Bouchez |
|---|---|
| Workshop Title | Introduction to embedded software reverse engineering with Ghidra (drone's firmware, ARM architecture) |
| Duration | 4 hours |
| Language | French but can answer questions in English (Slide deck is in English) |
| Number of participants | 30 |
| Requirements |
|
| Abstract |
Have you ever dreamed of accessing the source code of an application to gain a deeper understanding of its inner workings? To uncover hidden secrets or search for vulnerabilities? Perhaps even to modify its behavior? Software reverse-engineering is the key to realizing these dreams. This workshop explains major principles of software reverse-engineering step by step. At each step you will practice on a real production software which is the embedded software of a popular drone. That will be the opportunity to get familiar with microcontroller programming and ARM instruction set. You will also learn to use the well-known software reverse-engineering tool: Ghidra. At the end of this workshop, you will have identified an unsafe communication protocol and an unexpected way to control the drone. |
Capture The Drone
| Speaker | Jules Sarran |
|---|---|
| Workshop Title | Capture The Drone |
| Duration | 4 hours |
| Language | French but can answer questions in English |
| Number of participants | 20 |
| Requirements |
|
| Abstract |
Venez l'espace de quelques heures vous mettre dans la peau d'un hacker et laissez-vous guider vers l'exploitation des vulnérabilités d'un drone grand public. Attaques hardware, attaques radio, reverse engineering, buffer overflow, vous pourrez expérimenter les multiples facettes de la cybersécurité des systèmes embarqués et appliquer ces concepts sur une cible concrète. A l'issue de ce workshop, vous aurez détourné un drone avec un équipement radio, extrait et reverse le firmware du drone et exploité une vulnérabilité typique des systèmes embarqués. |
Side Channel Attacks
| Speaker | Nabil Hamzi (@FdLSifu) |
|---|---|
| Workshop Title | Side channel attacks and countermeasures |
| Duration | 4 hours |
| Language | French / English |
| Number of participants | 20 |
| Requirements |
|
| Abstract |
This workshop provides an introduction to Side Channel Attacks through Power Analysis. It's designed for those interested in learning practical techniques to exploit vulnerabilities in cryptographic implementations. The workshop covers topics like leakage models, Hamming weight, Differential Power Analysis (DPA) and Correlation Power Analysis (CPA). The focus is on practical skills rather than in-depth theoretical knowledge of cryptography, signal processing, hardware, or advanced statistical tools. By the end of the workshop, participants will have a solid understanding of how to perform side-channel attacks and gain insights into how to protect against them. |
Android Application Reverse Engineering
| Speaker | Cedric Lucas |
|---|---|
| Workshop Title | Android Application Reverse Engineering |
| Duration | 2 hours |
| Language | French but can answer questions in English |
| Number of participants | 16 |
| Requirements |
|
| Abstract |
The workshop will present Android applications, particularly how they are created. We will explore different tools to run Android applications on our computers and analyze them. Finally, we will use JEB to reverse engineer a basic application, including decompilation and debugging. |
Hydrabus 101
| Speaker | Nicolas Oberli (@Baldanos) / Karim Sudki (@Az0x) |
|---|---|
| Workshop Title | Hydrabus 101 |
| Duration | 3 hours |
| Language | French but can answer questions in English |
| Number of participants | 20 |
| Requirements |
|
| Abstract |
Ever wondered how to start with hardware hacking ? This workshop will present you some simple techniques you'll need to get you started. Of course, the best way to learn is by doing so we prepared a target device for you to fiddle with during the workshop. At the end of this 3-hour workshop, you should be able to:
|
WHAD
| Speaker | Romain Cayre and Damien Cauquil |
|---|---|
| Workshop Title | One for all and all for WHAD: wireless shenanigans made easy! |
| Duration | 4 hours |
| Language | French but can answer questions in English |
| Number of participants | 25 |
| Abstract |
A lot of security research have recently focused on various wireless communication protocols, targeting smartphones, wireless mice and keyboards and even cars. In order to demonstrate these attacks, researchers developed dedicated tools that for most of them include some specialized firmware of their own but also rely on various unique custom host/device communication protocols. These tools work great but are strongly tied to some specific hardware that at some point will not be available anymore, or require hackers to buy more hardware to carry on to have fun with. Why not making these tools compatible with more hardware ? And why researchers always have to create their own host/device protocol when it comes to using a dedicated hardware ? Why not having one flexible protocol and related tools to rule them all ? We will present in this workshop WHAD, a framework that provide an extensible host/device communication protocol, dedicated protocol stacks and way more for hackers who love having fun with wireless protocols. WHAD makes interoperability possible between tools by allowing different hardware devices to be used if they provide the required capabilities, giving the opportunity to create advanced tools without having to care about the hardware and its firmware in most of the cases! |