Confidence - (25-26.05 2010 Krakow)
Language: polski | engish

Alexey Sintsov

Alexey Sintsov was born in 1985 then graduated in 2008 from Saint-Petersburg State Polytechnical University, faculty of computer science. Now he is working at Digital Security, the leading IT security company in Russia. He perfom security audits, penetration tests and security research for our Lab – Digital Security Research Group. He also write articles for XAKEP magazine and lead there the “Exploits Review” column. He has been posting vulnerabilties at bugtraq mailing list since 2001 and have found several 0-days in Russian internet-bank systems (private works). And make talks in PCIDSSRUSSIA2010 and Ryscrypto 2010.
His public works: http://www.exploit-db.com/author/Alexey%20Sintsov

Topic of Presentation: You can’t stop us: latest trends on exploit techniques

Language: English

Abstract: Talk about weaknesses in modern technologies of protection against arbitrary code execution. GS, safeSEH, DEP and ASLR. How it can be bypassed – modern techniques. Return-Oriented Programming (ROP). Attack on clients – JIT SPRAY method. How this kind of exploits can be written. Practical tips and tricks with real examples on latest vulnerabilities.