Speakers of Zer0Con

Ian Beer, Google Project Zero
Through the mach portal

Mach ports are one of the most fundamental parts of the XNU kernel. This talk takes a deep-dive into how the user and kernel mach port APIs work, the implicit security guarantees they make and how to leverage those guarantees to build logical exploit primitives. I will discuss the discovery and exploitation of multiple sandbox escape and kernel bugs on iOS.

Brian Pak (Cai), Theori
Microsoft Patch Analysis and Exploit Development

We take a look at the general process of patch analysis. We walk through each step from downloading the patch to a weaponized exploit. For the case study, we perform the analysis for CVE-2016-0189 (vbscript.dll) & jscript9.dll bug fixed in MS16-063 for IE11, Edge/chakra.dll bugs (CVE-2016-7200, 7201), win32k kernel bug fixed in MS16-106, as well as new bugs that are discovered in the latest March update. We also talk about ways to bypass mitigations such as CFG and RFG.

bee13oy, CloverSec Labs
Attacking Antivirus Software's Kernel Driver

Last year, when I was focusing on AV (antivirus software) kernel drivers, a thought came to me, which helped me find many nice vulnerabilities in AV kernel drivers and saved me a lot of time. In this talk, I will share my thought in detail. Then I will talk about how to find AV kernel driver vulnerabilities efficiently.

Pangu Team, Pwnzen
A Story of Exploiting macOS Sierra Kernel

Teaming up with Lokihardt, we successfully exploited fully patched Apple Safari on macOS Sierra and got root privilege at PWNFEST 2016. After gaining arbitrary code execution in a strictly sandboxed Safari Web Process, we first exploited an uninitialized kernel heap issue to bypass KASLR, and then exploited an uninitialized kernel stack issue to gain arbitrary code execution in the kernel. In this talk, we will uncover such kernel vulnerabilities, and discuss the whole kernel exploitation chain in detail.

Lokihardt, Google Project Zero
A medley of modern web browser exploits

This talk introduces the various web browser vulnerabilities I've found and reported, and how I exploited those vulnerabilities. I will discuss not only web browser vulnerabilities, but also various logical bugs and kernel bugs.

Pierre Kim
To find and exploit vulnerabilities of embedded devices and network protocols

From physical (GPON FTTH) to logical networks, this talk is about finding vulnerabilities in protocols (CWMP, GPON), devices (FTTH Optical Network Units, routers, switches, cameras, NAS), services (APIs, TR-069 servers) and potentially exploiting them in order to take over large parts of ISP networks with 0day vulnerabilities.

Nikita Tarakanov
Exploitation of kernel pool overflow on Microsoft Windows 10

The contents of this 0-day talk will be disclosed only in the conference room.

Slipper, Chaitin Tech
PS4 Hacking

The last public Sony PS4 jailbreak targeted version 1.76, which was released more than two years ago. As more mitigations are introduced, PS4 jailbreaking is much more challenging. At GeekPWN 2016, I demonstrated booting a Linux system on the latest PS4 console by exploiting multiple vulnerabilities from WebKit to kernel. In this talk, I'd like to share some technical details about PS4 hacking.

Taesoo Kim, Georgia Tech
Attacking Intel SGX

Intel SGX is a new security mechanism that recently shipped with Intel Skylake, with the unprecedented promise of making cloud computing secure. In this talk, we will introduce 1) how to blindly launch an exploit against SGX, and 2) how to reveal execution traces of an SGX program with a new side-channel we found recently.

Dan Austin, Google
Your Move: Vulnerability Exploitation and Mitigation in Android

This talk will describe a number of successful vulnerability exploitation attempts of Android. The root cause of each exploit and a corresponding mitigation technique that was built into the Android platform will be given. The talk will conclude with current vulnerability trends in Android and mitigation techniques that the Android Security team has been experimenting with.

James Lee
Live 0-day vulnerability exploitation for web browsers

This talk is mostly about design bug exploitation. The speaker will show live 0-day vulnerability exploitations that will be disclosed at the conference.


Schedule of Zer0Con

April 13 ~ 14, 2017, Seoul, Korea

You can download a pdf version here.


Zer0Con Training Course

The training courses of Zer0Con focus on bug hunting and exploitation.

Registration will be closed on March 31.


The-K Hotel, Seoul

Crystal Ballroom A, B Hall

- ADDRESS: 70, Baumoe-ro 12-gil, Seocho-gu, Seoul, Korea
- TEL: +82-2-571-8100
- WEB: http://thek-hotel.co.kr/e_seoul/main.asp

"There seem to be no rooms available now at the venue hotel, so we recommend that attendees book other hotels in the Gangnam area. Check this file for your hotel rooms."
