Core Security Displays Security Leadership with Multiple Speaking Engagements at Black Hat USA 2007


Company Experts to Present Web Application Protection Technology, New Database Attack Type and Remote Exploit Development Techniques for OpenBSD

BOSTON, Mass. - July 23, 2007 - Core Security Technologies, provider of CORE IMPACT, the first-to-market penetration testing product for assessing specific information security risks, today announced that several of the company’s security experts will serve as featured speakers during the Black Hat USA 2007 conference, taking place July 28 to August 2 at Caesar’s Palace, Las Vegas. The talks will include:

Timing Attacks for Recovering Entries from Database Engines

When: August 1, 2007; 1:45 p.m. – 3:00 p.m. PDT

Where: Caesar’s Palace; Palace 3

Who: Pablo Damian Saura, developer and researcher at CoreLabs, the research center of Core Security Technologies; Ariel Waissbein, researcher, CoreLabs

Presentation Details:

In today’s threat landscape, data security breaches are mostly due to the exploitation of bugs in front-end web applications (e.g., via SQL injection) or to the abuse of misconfigured authorization and access control permissions. CoreLabs devised an attack that works without requiring the existence of implementation bugs or security misconfigurations in the database. The new attack relies solely on the inherent characteristics of the indexing algorithms used by most commercial database management systems.

During this talk, Damian Saura and Ariel Waissbein will present ongoing research work on this new type of attack against database-driven applications. Their work uses timing attacks, a common technique for breaking cipher system implementations, and applies them to database engines. The researchers will explain how this technique makes it possible to extract private data from a database by performing record insertion operations, which are typically available to all database users – including anonymous users of front-end web applications.

The presentation will also review BTREE, the most popular database indexing algorithm and data structure. Saura and Wassbein will describe how they discovered BTREE’s security weaknesses during their experiments testing the attack against the MySQL database engine.

A Dynamic Technique for Enhancing the Security and Privacy of Web Applications

When: August 2, 2007; 11:15 a.m. – 12:30 p.m. PDT

Where: Caesar’s Palace; Palace 3

Who: Ezequiel D.Gutesman, researcher at CoreLabs, the research center of Core Security Technologies; Ariel Waissbein, researcher, CoreLabs

Presentation Details:

Web applications are often preferred targets in today’s threat landscape. Many widely deployed applications were developed in haste and are often ridden with SQL injection, file inclusion and cross-site scripting bugs, creating weak links in any Internet-exposed environment.

In this presentation, CoreLabs researchers Ezequiel Gutesman and Ariel Waissbein will address this issue by introducing a new application protection technology that efficiently identifies and blocks several attack vectors “on-the-fly.” The protection technique is based on very granular run-time taint analysis of an application’s data and does not require access or changes to the application’s source code.

Applications written in the most common web scripting languages, including PHP, ASP, Python, Perl and Java, can be protected using this technology to prevent database injection, shell injection, cross-site scripting and directory-transversal attacks. A fully functional implementation of the protection technique for PHP will be described in detail.

OpenBSD Remote Exploit

When: August 1, 2007; 10:00 a.m. – 11:00 a.m. PDT

Where: Caesar’s Palace; Palace 3

Who: Alfredo Ortega, exploit writer on the CORE IMPACT Exploit Writers Team and research associate at CoreLabs

Presentation Details:

For more than a decade, OpenBSD has had only two officially disclosed bugs that could be considered remotely exploitable. In this presentation Alfredo Ortega will provide a detailed look at one of those two rare bugs: the IPv6 mbuf overflow he discovered earlier in 2007. Ortega will provide an in-depth view of the process of developing a remote exploit for the bug, analyzing various exploitation techniques, and implementing kernel shellcode that disables the defenses of the operating system and installs a privileged user-mode process.

About the Black Hat Conference

The Black Hat Briefings brings together a unique mix in security: the best minds from government agencies and global corporations with the most respected independent researchers and hackers, giving attendees the unique opportunity to network with peers and leading-edge practitioners. The Black Hat Briefings USA has grown to over 2500 technically advanced attendees. Topics are diverse and range from RFID security, Windows Vista exploits, forensics and anti-forensics, roottkits, zero day vulnerabilities, anomaly detection, hardware hacking and much more. Topics can also apply to the offensive initiatives of a group such as a pen test team or vulnerability researchers.

For more information about these presentations or to schedule meetings with Core Security’s experts at Black Hat USA 2007, please contact Tim Whitman or Tiffany Archambault at 781-684-0770 or email  

About Core Security Technologies

Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company’s flagship product, CORE IMPACT, is the first automated penetration testing product for assessing specific information security threats to an organization. Penetration testing evaluates overall network security and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core augments its leading technology solution with world-class security consulting services, including penetration testing, software security auditing and related training. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at


Tim Whitman or Tiffany Archambault         

Schwartz Communications 

781 684-0770 

Mon, July 23