• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Finally, you can manage your Google Docs, uploads, and email attachments (plus Dropbox and Slack files) in one convenient place. Claim a free account, and in less than 2 minutes, Dokkio (from the makers of PBworks) can automatically organize your content for you.




Event details



Lockpicking Contest!!

     You can win a book from Michael Messner,


      Das Handbuch zum Penetration-Testing-Framework



When: Saturday, January 21, 2012



We have limited space, RSVP is required for entry!


Registration Phase 1, starts December 21, 2011, 10:00 AM (GMT +1)   SOLD OUT!


          Registration Phase 2,  starts January 5, 2012, 10:00 AM (GMT +1)  SOLD OUT!

!! NO BSidesVienna-Tickets required for the AfterParty - Everybody is WELCOME !!





        Follow us on TWITTER:    @BSidesVienna






U4 Center

Schönbrunnerstraße 218-220

        Stairway B, Floor 6,

1120 Vienna



Größere Kartenansicht


Cost: Free (as always!)


Call For Papers (CFP)


  • Send your papers to [email protected]
  • Deadline for submission of papers is the January 8th, 2012


Invite your friends by posting this on Twitter: "#BSidesVienna, January 21,2012: Discover the next big thing!"






     Discount rates for the Renaissance Hotel are available!

     Double-Bed room incl. Breakfast 135€/night

     Booking Website: www.renaissancewien.at

     For the Discount Code send an Email to [email protected]

















Day 1


  Track 1
8:00 AM - 9:00 AM Breakfast
9:00 AM- 9:45 AM


Where have all the SPAM mails gone?

Wieland Alge, Barracuda Networks

10:00 AM - 10:50 AM

Hackers on a train - Toying with transportation

Manuel Acanthephyra

11:00 AM - 11:50 AM

How to win an international hacker contest

Adrian “atrox” Dabrowski

12:00 AM - 12:50 PM

  Downgrade Attacks by Example

Michael Rodler


12:50 PM - 14:00 PM




14:00 PM - 14:50 PM

Tuning to a different key - introducing weaknesses into security devices

Arron "finux" Finnon

15:00 PM - 15:50 PM

A practical OWASP Testing Guide walk-through focused on passive and semi passive web app testing techniques

Abraham Aranguren

15:50 PM - 16:20 PM BREAK
16:20 PM - 19:00 PM


 Introducing the Offensive (Web, etc) Testing Framework

Abraham Aranguren

Metalab Location:            https://metalab.at/wiki/English
18:30 PM - 
DJ Workshop    https://metalab.at/wiki/DJ_Workshop 
21:30 PM - ...

AfterParty         https://metalab.at/wiki/BSidesVienna_01-2012






"Where have all the SPAM mails gone?", Wieland Alge, Barracuda Networks


We have look into the reasoning behind the spam mail industry and follow their evolution into alternative playgrounds. The amount of SPAM mails dropped by more than 50% compared to mid of 2010 and several pundits said that finally we got hold of the major villains. In fact SPAM is still out there and flourishing. SPAM is not unsolicited mail. Mail was just the easiest and most scalable method. See how modern rogue internet businesses use social networks and search engine manipulation for their benefit.






"Tuning to a different key - introducing weaknesses into security devices", Arron "finux" Finnon (@f1nux) 


When security devices such as NIDS/NIPS (Network Intrusion Detection/Prevention Systems) are developing their rules/signatures, exploit PoC's tend to be used to develop and test those rules. Sometimes there is lots of PoC code around for a single exploit. Not too much of leap of faith to suggest that those people developing those rules will stick to what they know, and obtain those PoC from the favourite place. What happens if an exploit from one PoC is very subtlety different from other ALL the other PoC's available? What happens if this subtly different PoC is more popular than the rest? What happens if the PoC is not a clear baseline of the threat? What happens if you introduce a "quirk" in to your NIDS analysis?


This talk looks at the situation where the choice of PoC for NIDS/NIPS signature could have massive and wide ranging implications. In lack of a better term, what happens if a security rule writer inadvertently codes a very subtle quirk into the rules. This can lead to a situation where the same exploit using a different PoC might well be sufficiently different from the rule writers sample as to evade detection. The reality of this is in play in the real world, and security devices have been tuned to a slightly different key. I intend to show an example of how security devices have been developed using a unclean sample and how an exploit's original PoC can pass NIDS detection.


The aim of the talk is to raise awareness into carefully verifying an exploit prior to developing rules, a practice that is clearly not happening.




"A practical OWASP Testing Guide walk-through focused on passive and semi passive web app testing techniques",  Abraham Aranguren, http://7-a.org


The purpose of this talk is to show how to partially test a website for security, legally and responsibly, before even permission is given. This may be useful in a number of situations such as when short timeframes are given to test a web application or when the pentester is willing to go the extra mile to do as much work as possible in advance in order to have the best chance to get in and use the test window for active testing and exploitation only (i.e. when permission is really needed).

The techniques described will be mapped to well-defined OWASP Testing Guide items. This talk will be highly practical and real examples from the field will be shown for most if not all techniques. The purpose of this talk is to show just how much can be done without almost touching a website in the hope of increasing awareness and perhaps provide some pen testers with new ideas or perspectives on how a web app pen test can be carried out in practice.

Although the talk will be mostly focused on web app testing there will be a brief practical discussion on the often disregarded overlap between web app security and network security.



"Downgrade Attacks by Example", Michael Rodler, (@f0rki)


In nearly every Networkprotocol there is a handshake, in which the version and features of the protocol are negotiated. If an attacker is able to perform a man-in-the-middle attack and is able to modify the network traffic, he also might be able to force client and server to talk an older, less secure, version of the protocol or might disable security features at all. The attacker is therefore able to read and modify the actual content of the network traffic. In this talk I will give several examples, of network protocols that can be downgraded and show some live demos, of the downgrade attacks. Further I will discuss, what could have been done to prevent these downgrade attacks, during protocol design and with workarounds in applications.



"Hackers on a train - Toying with transportation",  Manuel Acanthephyra (@sp0rkbomb)


Inspired by the great success in the UK, the de facto monopoly on railway passenger transportation in Austria was recently broken by a new competitor called WESTbahn. Amongst the perks offered to customers are wifi for everyone, prepaid kilometer tickets and the possibility to buy tickets on the train without penalty. Armed with an antenna, a barcode scanner and a ticket for a few rides, I embarked on an epic mission to find out what kinds of fun are to be had with a newly developed system like this. To take away the first question: Yes, yes you can ride for free.

As WESTbahn went into service less than a month ago, this talk is somewhat work in progress. In the worst case, you learn how to steal^Wuse other people's tickets and get to hear some amusing tales of train rides, wireless networks and the equipment running on them. Audience participation is allowed, suggested and appreciated.



"How to win an international hacker contest", Adrian “atrox” Dabrowski


In December 2011 the Austrian team of UT Vienna won the UCSB International Capture The Flag (iCTF) contest. The iCTF is the largest academic hacking event in the world with over 80 universities and institutions taking part.
The iCTF has a record of very diverse contest setups in the past: From simulated banking systems to attacking browsers with drive-by downloads. So how do you prepare, if at all possible? Why do you like to take part in such a contest (there are other CTFs as well), or is it just a game for bored security researchers?

This talk will introduce you into this topic, give you examples of real challenges, tell you how to prepare for it, and which tools you should have handy.





"Introducing the Offensive (Web, etc) Testing Framework",  Abraham Aranguren, http://7-a.org


The Offensive (Web, etc) Testing Framework is an implementation of the OWASP Testing Guide (improvements towards PTES in progress) that aims to make pen testing dramatically more efficient. “Silent web app testing by example” but works on its own too, bring your coffee with you :). The Offensive (Web, etc) Testing Framework is an open source project that aims to to address the inefficiencies I have found in my own pen testing methodology. This tool follows a philosophy completely different to that of currently existing tools and tries to address their shortcomings in a novel way. The demos will illustrate this new approach but in short OWTF is an implementation of my own personal years of experience in web app pen testing, my “Silent web app testing by example” talk, the techniques I used to achieve a 100% score in the Offensive Security Certified Professional (OSCP) 24 hour hacking challenge (despite not being that smart or that experienced back in 2008 when I did it), the methodology described by Jason Haddix in his excellent Brucon 2011 workshop “The Web Application Hacking Tool-Chain” and the techniques professional chess players use to analyse games efficiently. OWTF provides a framework to automate most of the stupid, un-creative part of pen testing so that we can focus more on sharing information, thinking out of the box, chaining vulnerabilities and show impact. I hope this tool will increase awareness and change the way you
view pen testing forever.


Do the attendees need something special (notebook/software) for the workshop/demo?

    • The workshop will start like a talk and become interactive at the end (after the general background and demos are shown)
    • up-to-date Backtrack 5 system (VM,native) recommended
    • Firefox >= 8 on any platform will work
    • for further details go to http://blog.7-a.org/2012/01/owtf-011-vienna-released.html




Test your lockpicking skills, Thomas Hackner, Stefan Kröner, www.openlocks.at


Lockpicking is an art, a sport and a community activity where the inner workings of locks and locking systems are dissected, circumvented and improved. Lockpicking is at its heart a sport for hackers and enthusiasts who like to learn something new every day and help to improve systems by thinking differently than the average.

OpenLocks is a group of enthusiasts who gave lockpicking a chance and got addicted. OpenLocks represents the Lockpicking sport in Austria and is welcoming everybody who wants to learn about locks, lockpicking and physical security. We will provide you with different kinds of locks sorted according to their difficulty and the appropriate gear to open them non-destructively. And, as last year, for those who are really eager to learn and improve their skills, Bsides Vienna supports us with a giveaway present for a small competition throughout the conference.  So, no matter if you are beginner or already an advanced lockpicker - join the lockpicking booth and get your hands dirty.



"DJ Workshop - DVS at your fingertips", 


Joernchen and astera of Phonoelit will give you an introduction to what it takes to get a crowd going by using the magic powers of electronic dance music for the win.
This is very much a hands-on workshop, so all attendees will have ample time to put the theory into practice.

What this workshop will cover:
Vinyl/CD DJing hardware (the 'real' thing)
Digital Vinyl Systems (DVS)
Software-only systems (in brief)
Electronic music mixing background knowledge
And LOTS of Hands-on practice (using Serato Scratch Live)

The workshop will be held at the Metalab, Rathausstr. 6, 1010 Vienna. Scheduled length is 2 hours, and participation is limited to a max. of 6 people per group (please register asap)!

Registration:  http://bsidesvienna2012.eventbrite.com/






Sponsor Information



Barracuda Networks Inc. offers industry leading products for three distinct markets. As the worldwide leader in content security appliances, Barracuda Networks offers products that protect organizations from threats over email, Web, and IM. With a strong security heritage, Barracuda Networks offers networking products that improve application delivery and network access with SSL VPN, Internet link load balancing, and server load balancing product lines. Finally, Barracuda Networks offers world-class solutions for backup and data protection that include message archiving, backup software and appliances, and offsite backup services.

Coca-Cola, FedEx, Harvard University, IBM, L'Oreal, and Europcar, are amongst the more than 150,000 organizations protecting their networks with Barracuda Networks solutions. The company is privately held with its international headquarters and manufacturing facility based in Campbell, California. Barracuda Networks has offices in eight international locations and distributors in more than 80 countries worldwide.



dpunkt was founded in 1995 and has grown into one of the leading German publishers in the IT-publishing market. dpunkt serves the professional computing and telecommunications community by providing information products and services, primarily through publications (print and digital) and training. Although dpunkt's focus is on digital technology, its mission goes beyond technology, promoting its use to support creativity, and to improve communication among people. dpunkt uses digital technology in an extensive way to design, manufacture and distribute its products. We at dpunkt strongly believe that technology and its efficient use on one side and creativity and playful joy (or plain fun) on the other, are not mutually exclusive.








Tags for flickr, twitter, blog, etc.


Please use the tag #BsidesVienna for content related to this event



Who's blogging?




Comments (0)

You don't have permission to comment on this page.