Casper
   Forensics and Anti-Forensics
 
 
   
 Silverbug
   How to Hack Your Cell Phones
 
 
   
 i3eat
   Hacking with Nintendo DS
 
 
   
 Daiki Fukumori 
   Attacking Web 2.0
 
 
   
 Dave Aitel
   Using Immunity Debugger to Write Exploits
 
 
 
 
 AmesianX
   How to Implement COM Monitor
 
 
   
 @tlas
   VulCatcher:Fun with Vtrace and Progmmatic Debugging
 
 
 
 
 Hendrik
   Hacking VoIP Routers
 
 
   
 Sun Bing
   Bios Boot Hijacking & VMware Vulnerabilities Digging
 
 
---

AmesianX, "How to Implement COM Monitor(tracing COM modules in real-time)"

AmesianX is the administrator of powerhacker.net. He enjoyed the CTF of Defcon 15 as a member of Song of Freedom team. 

AmesianX will show you the way to monitor important information through the real-time COM hooking. And he will also demonstrate how to implement advanced COM worm using this technique. 


--------------------------------------------------------------------------------

@tlas, "VulnCatcher: Fun with Vtrace and Programmatic Debugging"

@tlas is the leader of the Defcon 14, 15 CTF winner team 1@stPlace. 

Many hours are spent researching vulnerabilities in proprietary and open source software for each bug found. Many indicators of potential vulnerabilities are visible both in the disassembly and debugging, if you know what to look for. How much can be automated? VulnCatcher illustrates the power of programmatic debugging using the VTRACE libraries for cross-platform debugging. 


--------------------------------------------------------------------------------

Casper, "Forensics and Anti-Forensics"

Casper is a member of one of the best Chinese hacking team Xfocus and the organizer of the famous and quite technique-oriented Chinese hacking conference Xcon.

He will discuss forensics and anti-forensics. Casper is the 'real' keynote speaker of POC2007.


--------------------------------------------------------------------------------

Daiki Fukumori, "Attacking Web2.0"

Daiki Fukumori is the founder and CTO of SST(Security Sky Technology) in Japan. You can find his works here and here. 

He reported vulnerabilties more than 100 in 2006. 

In this presentation, what changes has occured and what kind of vulnerabilities we have in the world of Web2.0 will be overviewed, will show the attacking method and its countermeasures. As a result, we all recognized again that Web2.0 has been constracted on the cloud of vulnerabilities. He will show the following: 

* Attacking Browser Restriction (Cross Domain Policy)

* Attacking Blog and Wiki

* Attacking RSS Software

* Attacking Other Web2.0 Software

* Defending Web2.0


--------------------------------------------------------------------------------

Dave Aitel, "Writing exploits using Immunity Debugger" 

Dave Aitel has worked at the US National Security Agency, the consulting firm @stake (now Symantec), and is the founder and CTO of Immunity, Inc. He is best known for vulnerability research and is the author of the SPIKE fuzzer creation suite. Immunity is a Miami Beach based information security company who's flagship product CANVAS is used by penetration testing groups around the world.

Dave will go over heap overflows and writing scripts and a few other things that Immunity Debugger can do that other debuggers can't. 


--------------------------------------------------------------------------------

Hendrik Scholz, "Hacking VoIP Routers" 

Hendrik Schols is a VoIP developer and systems engineer at Freenet Cityline in Kiel, Germany.

Hendrik will introduce the world of VoIP/SIP enabled Integrated Access Devices(IADs, i.e. you DSL router). After a description of their embedded features and issues, the talk will outline the general approach to attack these devices: Location devices, identification and the final attack. The main part of the talk depicts attacks that we found during research as well as by operating large networks based on various devices. Attacks include SPIT attacks, information leaks as well as the ever popular crash. He will open unreleased 0day attacks.


--------------------------------------------------------------------------------

i3eat, "Hacking with Nintendo DS" 

i3eat is a member of Security First at Department of Information Security Engineering, SoonChunHyang University and padocon. Padocon is a university hacking and security research group.

He will present the ways you can use NDS(Nintendo DS) as a hacking tool. He will show you the following:

* Remote attack and control against vulnerabilities

* LAN(local area network) DoS attack

He will talk about some potential attack scenarios and protection ways, too.


--------------------------------------------------------------------------------

Linzi(Reserved Speaker), "Another idiosyncratic attack" 

Linzi is a researcher of HuaYongXingAn Science Technology Co., Ltd in China. He focuses on popular and newest research about hacking and security technology His main work is source reviewing and pentest

With a rapid development of network security, more and more network attacks tend to redirect their real attacks to application layer today, comparing with the hacking of system vulnerabilities several years ago. This topic mainly discusses how to keep away from conventional and unconventional attacks by hackers through several attack methods adopted by hackers. 


--------------------------------------------------------------------------------

silverbug, "The Ways to Hack your Cell Phones"

silverbug works for AhnLab. 

He will show you how to hack your cell phone. You will come to know how to recover deleted phone numbers, deleted messages, and how to control the games running on the cell phone. Even more, you will see how to access the password of cell phone. And he will show how to implement a tool for hacking cell phones.


--------------------------------------------------------------------------------

Sun Bing, "VMware 0day or Bios Boot Hijacking "

Sun Bing is a Chinese inforamtion Security researcher and has more than 7 years of experinences in Windows kernel and information security techniques research and development, especially with deeply delving into buffer overflow prevention, rootkit detection, firmware security and, x86 virtualization.He has spoken at several security conferences, such as Xcon 2006 and 2007, POC2006, EuSecWest2007, Black Hat Europe 2007, Syscan2007 etc.

He will be able to speak about his research of VMware 0day or Bios Boot Hijacking. Which subject do you want him to speak about? It's up to him.^^


--------------------------------------------------------------------------------