Adventures in analyzing Stuxnet [27C3]
Loading...
Uploaded by CCCen on Nov 30, 2011
Adventures in analyzing Stuxnet
There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk, you will get a first-hand account of the entire story.
We will discuss various techniques used in analyzing Stuxnet. First, we will share several tricks that were used to quickly identify the vulnerabilities. Second, we describe the thought processes that went into debugging and triaging the vulnerabilities themselves. Finally, we show some tips that you can use if you feel like decompiling stuff for fun :).
Speaker: Bruce Dang, Peter Ferrie
EventID: 4245
Event: 27th Chaos Communication Congress (27C3) by the Chaos Computer Club [CCC]
Location: Berlin Congress Center [bcc]; Alexanderstr. 11; 10178 Berlin; Germany
Language: english
Start: 27.12.2010 23:00:00 +01:00
License: CC-by-nc-sa
- 118 likes, 2 dislikes
-
Link to this comment:
Top Comments
All Comments (29)
-
BONER. 100% Authentic. I love you Bruce.
-
This is how it always is: lots of analysis (and sometimes a lucky break) to figure out what is going on, and then the problem is fixed in a couple of minutes.
-
Loved his reaction at admitting to using Linux at times. And for the folks that dislike his language, you should just be grateful that he is a geek that can still speak in a way the layman can mostly understand. Do you have any idea how rare it is for some one with those skills to be able to communicate it to the layman? I also respect that he was quite honest, not something I have come to expect from MS. He told of his mistakes that no one would know otherwise. He merits a lot of respect.
-
Excellent analysis.
Windows is looking at the MOF directory and running any code dropped there. how can that be a good idea?
-
@ people QQing about the swearing. Seriously? If you fucking can't fucking handle a little fucking profanity cancel your internet service and go live in a hole.Bruce provided good information and insight into the process.He is an engineer, not a salesman trying to sell you a phone every time you walk into the RadioShack. It's not his job to be the politically correct face of the company. If you can't grasp that you probably don't have the intellect to get any use from this vid to begin with.FUCK
2 months ago 2
-
Jesus Christ what's with the whining over a few swear words? It's great to hear a presenter talking naturally as this guy did, even more so being that he's from MS. Must be some xtian fundies here I think.
This was a great and interesting talk.
-
Pokemon training takes time and patience!
Other than that, great talk =p
-
@alexwastakenwastaken I found it got repetitive and boring. The guy thought he was cool and kepy at it for that reason only.
-
@alexwastakenwastaken He could at least vary the swears. If he insists on doing it he may as well do it properly. Microsoft have an office in Ireland, he should get transferred there to learn a thing or two
-
@samu2000 Honestly, swearing once or twice doesn't offend me at all. This guy just took it too far, there's only so many 'WTF Dude's I can handle. Also, you really have no idea what I do for a living or what I know. Grow up child.
- 1:04:37
Stuxnet decoder Ralph Langner speaks about Stuxnetby Dawidh20112,532 views
- 9:34
Detecting Malware Attacks on Smartphonesby Kaspersky1,249 views
- 7:38
Stuxnet Worm Virus 05 10 2010 Part 1by broadcastlabs9,548 views
- 0:51
When I'm Boredby ancsagirl957,207,405 views
- 55:44
27c3 - Desktop on the Linux... (and BSD, of course) - Wolfgang Draxinger (+ Lennart Poettering)by oger126,416 views
- 0:31
Thai commercialby MrHalasa3,765,446 views
- 5:45
Stuxnet: How It Infects PLCsby symantec99,142 views
- 1:01
Disney's Recess (Opening Theme)by NostalgicDaze159,888 views
- 0:33
Matias Rust 28.5.1987 in the Red Squareby Heter045,113 views
- 9:26
Stuxnet Virus Worm - Cyber Attack False Flag by Iranby stuxnettruth11,317 views
- 15:00
27C3 Adventures in analyzing Stuxnet - Bruce Dang & Peter Ferrie (1/4)by HackingCons2,233 views
- 5:17
KILLING JOKE - MONEY IS NOT OUR GODby slymyb6,226 views
- 4:30
Episode 2 - Hurra Torpedo velger elektriskby HurraElektrisk3,418 views
- 4:38
Duqu Gefährlicher Bruder Virus/Trojaner von Stuxnet [HD]by Metin2TheTuner3,174 views
- 2:11
Exposing Carol Shea-Porter's Big Lieby nhlimited1,082 views
- 1:14:56
27C3: Adventures in analyzing Stuxnet (Bruce Dang from Microsoft)by basti000732,322 views
- 2:10
CNC AR-15 Pistol.movby sebbybean981 views
- 10:30
Billy Gardell - Halftime - Part 2/4by SuperLoblaw37,069 views
- 9:18
Bride playing Master of Puppets on her wedding dayby bassplyr51441,444 views
- 51:04
Easy Star All-Stars - Dub Side of the Moon Liveby modcorrupt1,226 views
@iddn The swearing is natural, as is the presenting style. It's authentic, and I like it.
claynoik 2 months ago 8
is it so offensive to you that a guy who talks like this knows more about computer security than you will know in your lifetime.. or two?
samu2000 2 months ago 3