Security

How hackers grind an MMORPG: by taking it apart!

An introduction to reverse engineering network protocols
Hall G
Rink Springer
When an online game no longer captivates interest, what do you do? Grind on the network protocol, of course! How does it work, is it secure - and, how can you still get away while doing this?
Online games are hardly new, but their inner workings are rarely (if ever) documented. This needs to change: if it runs on my computer and uses my network I want to know what's going on! This talk starts by analysing the network protocol of the Runes of Magic game, and continues by introducing specific tools to aid this process and the steps taken to come up with such tools. Continuing with a demonstration to whet your appetite: we will show how much fun it is to do this kind of work, and finally some advice on the legal side of things. All custom tools and methods described are not specific to a game per se, however using custom tools will greatly improve your reversing experience. They aren't even specific to games, the same techniques can be used to analyse about any network protocol.

Additional information

Type lecture
Language English

More sessions

12/27/15
Security
Joanna Rutkowska
Hall 2
Can we build trustworthy client systems on x86 hardware? What are the main challenges? What can we do about them, realistically? Is there anything we can?
12/27/15
Security
Hall 6
Unser Vortrag demonstriert einen PLC-only Wurm. Der PLC-Wurm kann selbstständig ein Netzwerk nach Siemens Simatic S7-1200 Geräten in den Versionen 1 bis 3 durchsuchen und diese befallen. Hierzu ist keine Unterstützung durch PCs oder Server erforderlich. Der Wurm „lebt“ ausschließlich in den PLCs.
12/27/15
Security
Hall 2
Dr. Peter Laackmann und Marcus Janke zeigen mit einem tiefen Einblick in die Welt der Hardware-Trojaner, auf welchem Wege „Institutionen“ versuchen können, sich versteckten Zugang zu Sicherheits-Hardware zu verschaffen.
12/27/15
Security
Yaniv Balmas
Hall G
Key-Loggers are cool, really cool. It seems, however, that every conceivable aspect of key-logging has already been covered: from physical devices to hooking techniques. What possible innovation could be left in this field?
12/27/15
Security
Ilja van Sprundel
Hall 2
This presentation covers windows kernel driver security issues. It'll discuss some background, and then give an overview of the most common issues seen in drivers, covering both finding and fixing issues.
12/27/15
Security
Alexander Graf
Hall 2
Did you ever want to have access to a few hundred thousand network end points? Or a few hundred thousand phone numbers? A short look behind the curtains of how not to do network security.
12/27/15
Security
Hall 1
For years SCADA StrangeLove team speaks about vulnerabilities in Industrial Control Systems. Now we want to show by example of railway the link between information security and industrial safety and demonstrate how a root access gained in a few minutes can bring to naught all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. Railroads is a complex systems and process automation is used in different areas: to control power, switches, ...