Insomni’hack : teaser

Insomni’hack 2015 will take place the 19&20th March 2015 at Palexpo.

The teaser registration is now open!

You can go to https://teaser.insomnihack.ch/ and register your team!

Please follow the official web site for more details : http://insomnihack.ch

HFGL 🙂

Programme Insomni’hack

Le programme des conférences d’Insomnihack est maintenant disponible sur le site de l’événement: http://insomnihack.ch/conferences/

Insomni’hack 2014

Les premiers speakers ont été annncées, tout comme la liste des workshops de cette année. Les inscriptions sont donc maintenant ouvertes pour Insomni’hack 2014!

Analyse et détection de cyber-attaques: Import-Module IncidentDetection

Introduction

Le 16 octobre dernier nous avons eu l’opportunité de présenter sur le sujet de la détection d’incidents lors de l’Application Security Forum d’Yverdon. Ce sujet, bien que relativement bien connu est encore trop peu utilisé en entreprise où l’on voit principalement le déploiement de défenses périmètriques, d’antivirus ou encore d’IDS.

Insomni’hack 2013 – Armory level3

This challenge was the last level on the ARM platform. It was a crackme with a stripped binary including a basic anti-debugging trick. Sadly, only one team managed to complete this challenge before the end of Insomni’hack and another wasn’t far from what we discussed later.

Insomni’hack 2013 Armory level1 & level2

Level1 should be pretty straightforward. Looking at the assenbly, you can see that it prints the current working directory by using system(“pwd”) and then strcpy user controlled data to a fixed size buffer.

Insomni’hack 2013 : Armory wargame

As arm CPU are getting more and more used, we decided to create an arm-based wargame consisting of 4 challenges.

The first one, described here, is a reverse engineering challenge that will give you the credentials to access the actual raspberry pi box.

Insomni’hack 2013 : Money money money

Money Money Money

Even after "The Event", money is still the key to beat your opponents. Our scouts found an old banking server which should contain information about the accounts and the money they contain, but this old computer used to use perforated cards. Our engineers were able to create an interface to use it on modern technology, but they are not able to break the security system to get the data.

Insomnihack 2013 – Central Directory

And here I was thinking everybody knew SQL injections and that this challenge wouldn’t last an hour. And yet only one team was able to complete it before the end of the contest. o_O

Insomni’hack 2013 – recycle.exe

The main idea behind this challenge came after reading an article in Valhalla magazine about inline JScript for implementing cryptography in malwares targeting Windows.