Training: reverse engineering with Metasm

The training sessions will give the opportunity to learn to harness the Metasm framework. Yoann Guillot, its main developer, and Alexandre Gazet, both members of Sogeti ESEC R&D, will be there to help students when they start the analysis of obfuscated binaries. This domain was already covered during a few conferences, like the latest HITB Malaysia, during which Metasm was used to defeat heavily protected binary programs. In the training session, the students will work on smaller sized binaries, involving both static and dynamic analyses. On this occasion, they will learn to quickly and efficiently leverage the framework by writing custom scripts to assist them in their day to day code analysis duties.

Metasm Lab: reverse engineering for beginners

For those who will not be able to attend the training, a lab session is also scheduled during the conference. Yoann and Alexandre will give a shorter introduction to Metasm hacking. It will cover the most fundamental tools in the framework, like the debug API, the disassembler and the compiler. In the end, attendees will be able to dive into Metasm and start reversing strongly protected binaries.

Talk: subverting the Windows 7 x64 kernel with DMA attacks

Damien Aumaitre and Christophe Devine, also from Sogeti ESEC R&D, will present a new cutting-edge attack targeting the latest operating system from Microsoft, Windows 7, effectively disabling all protection features (driver signing, integrity checking...). First, we will give details on the internal structures of the new Windows 7 kernel. Then we will present a home FPGA-based PCMCIA card used to gain control of the host, bypassing all protections, just by plugging it in the host.