XlogicX
XlogicX hacks at obscurely low-level technology with no impact. He has unmasked sanitized IP addresses in packets (because checksums) and crafts his own pcaps with just xxd. He feeds complete garbage to forensic tools, AV products, decompression software, and intrusion detection systems. He made evil strings more evil (with automation) to exploit high-consumption regular expressions. He believes assembly language can be too high level at times and has a general distrust for abstractions. He wouldn’t identify as a video game developer but has created a handful of 512-byte games in the form of boot sectors. He likes to craft his own length/distance pairs to compress his own Deflate data (stay tuned for more ignorance in that space!).
Session
When you pop the hood of RFC 1951 (DEFLATE), there lies an interesting playground that would otherwise go unseen in the context of compression use cases. This talk will address many aspects of the ubiquitous DEFLATE compression, none of which involve compressing data! “Designer Compression” scenarios will be explored, such as blocks of DEFLATE data that are fully ASCII printable, contain no data, access nulls through buffer underflow, and even apply forms of recursion. We will also see forensic data extraction from compressed fragments, employ difficult-to-detect watermarking, demo a covert channel PoC (DEFLATE in HTTP), and look at forever-cookies. The presentation style will take a high-level first pass and then dig into the technical details with the time left.