 | |  | |  | |  | |  |
Shmoocon 2008
One Track Mind Feb 15 17:30
Web Portals, Gateway to Information or a Hole in our Perimeter Defenses - Deral Heiland
If web portals can be used to aggregate information and resources from multiple locations, and deliver it
to users at a single point of access. Could an attacker use these same functions and features to gain
access into unauthorized internal systems? In this presentation we will explore using a web portal
interface to query resources behind the firewall by tunneling request through the portal services using a
cross-site-scripting (XSS) like vulnerabilities.
Download PowerPoint
Blackhat 2006
Turbo Talk Aug 3 14:15
Code Integration-Based Vulnerability Auditing
William B Kimball, Undergraduate Student, University of Dayton
There is a growing need to develop improved methods for discovering vulnerabilities in closed-source
software. The tools and techniques used to automate searching for these vulnerabilities are either
incomplete or non-existent. Fuzz-testing is a common technique used in the discovery process but does
not provide a complete analysis of all the vulnerabilities which may exist. Other techniques, such as API
hooking, are used to monitor insecure imported functions while leaving inlined functions still waiting to
be found. LEVI is a new vulnerability auditing tool (Windows NT Family) which addresses both of these
issues by using a code integration-based technique to monitor both imported and inlined functions.
Using this approach provides a more complete analysis of the vulnerabilities hidden within closed-
source software.
William Kimball is extremely passionate about computer security and is an undergraduate student at the
University of Dayton studying Computer Science. He recently received the Learn, Lead and Serve
Award for his research in Binary Vulnerability Auditing and participated in this years’ Ohio Academy of
Science. Kimball has also worked in security and networking for a Fortune 500 company.
Defcon 12 presentation
The Insecure Workstation
Deral Heiland
The insecure workstation. A creative look at the windows group policies as a security solution in today’s
workplace and how easily they are circumvented. This talk will discuss the Were, What and Why on
policies and also demonstrate simple tricks to bypass policies and exploiting poor policy implementation.
Deral Heiland has been in the IT field since 1994 working in the following industries; Newspaper media,
System Integrator, Manufacturing. Held the following position Network Administrator, Financial systems
manager, Network field engineer and Network Security Analyst. He presently holds the following
certifications SSCP, CCNA, CCWS, CNE5 and CWSE.
Download PowerPoint
Defcon 13 presentation
The Insecure Workstation II `bob reloaded`
Deral Heiland
The insecure workstation II `Bob Reloaded`. Exploring attack vectors within Microsoft desktop systems.
A close look at third party applications that still suffer from api call vulnerabilities and how attackers can
use these vulnerabilities to escalate there rights to system level . Also will be exploring this year’s
security research into “attacks against the local desktop login”. Demonstration of desktop access
without logging in.
Deral Heiland serves as a Network Security Analyst for a fortune 500 company. Mr. Heiland manages
application and network vulnerability testing, Intrusion Detection Systems, controls firewall security and
anti-virus efforts. With over a decade of work in the Information Technology field, Mr. Heiland has
obtained several certifications including: CISSP, SSCP, CCNA, CWLSS, and CNE5. Prior positions held
include: Network Administrator, Senior Network Analyst, Database Manager, and Financial Systems
Manager.
Download PowerPoint
One Track Mind Feb 15 17:30
Web Portals, Gateway to Information or a Hole in our Perimeter Defenses - Deral Heiland
If web portals can be used to aggregate information and resources from multiple locations, and deliver it
to users at a single point of access. Could an attacker use these same functions and features to gain
access into unauthorized internal systems? In this presentation we will explore using a web portal
interface to query resources behind the firewall by tunneling request through the portal services using a
cross-site-scripting (XSS) like vulnerabilities.
Download PowerPoint
Blackhat 2006
Turbo Talk Aug 3 14:15
Code Integration-Based Vulnerability Auditing
William B Kimball, Undergraduate Student, University of Dayton
There is a growing need to develop improved methods for discovering vulnerabilities in closed-source
software. The tools and techniques used to automate searching for these vulnerabilities are either
incomplete or non-existent. Fuzz-testing is a common technique used in the discovery process but does
not provide a complete analysis of all the vulnerabilities which may exist. Other techniques, such as API
hooking, are used to monitor insecure imported functions while leaving inlined functions still waiting to
be found. LEVI is a new vulnerability auditing tool (Windows NT Family) which addresses both of these
issues by using a code integration-based technique to monitor both imported and inlined functions.
Using this approach provides a more complete analysis of the vulnerabilities hidden within closed-
source software.
William Kimball is extremely passionate about computer security and is an undergraduate student at the
University of Dayton studying Computer Science. He recently received the Learn, Lead and Serve
Award for his research in Binary Vulnerability Auditing and participated in this years’ Ohio Academy of
Science. Kimball has also worked in security and networking for a Fortune 500 company.
Defcon 12 presentation
The Insecure Workstation
Deral Heiland
The insecure workstation. A creative look at the windows group policies as a security solution in today’s
workplace and how easily they are circumvented. This talk will discuss the Were, What and Why on
policies and also demonstrate simple tricks to bypass policies and exploiting poor policy implementation.
Deral Heiland has been in the IT field since 1994 working in the following industries; Newspaper media,
System Integrator, Manufacturing. Held the following position Network Administrator, Financial systems
manager, Network field engineer and Network Security Analyst. He presently holds the following
certifications SSCP, CCNA, CCWS, CNE5 and CWSE.
Download PowerPoint
Defcon 13 presentation
The Insecure Workstation II `bob reloaded`
Deral Heiland
The insecure workstation II `Bob Reloaded`. Exploring attack vectors within Microsoft desktop systems.
A close look at third party applications that still suffer from api call vulnerabilities and how attackers can
use these vulnerabilities to escalate there rights to system level . Also will be exploring this year’s
security research into “attacks against the local desktop login”. Demonstration of desktop access
without logging in.
Deral Heiland serves as a Network Security Analyst for a fortune 500 company. Mr. Heiland manages
application and network vulnerability testing, Intrusion Detection Systems, controls firewall security and
anti-virus efforts. With over a decade of work in the Information Technology field, Mr. Heiland has
obtained several certifications including: CISSP, SSCP, CCNA, CWLSS, and CNE5. Prior positions held
include: Network Administrator, Senior Network Analyst, Database Manager, and Financial Systems
Manager.
Download PowerPoint
 | |  |