Phenoelit

Papers and other references to our tools and work

Title: Toying with Barcodes
Author: FX
URL: StrichAufRechnung.pdf
Comment: 24C3 Talk on Barcodes

Title: Analysing Complex Systems - the BlackBerry case
Author: FX
URL: AnalysingComplexSystems.pdf
Comment: BlackHat Vegas 2006 / DefCon 14 talk including Phenoelit BlackBerry research

Title: I shut up, you take it from here (how to become a hacker)
Author: Halvar Flake, FX
URL: Shutup.pdf
Comment: DEFCON 12 speech

Title: Bug Finding
Author: FX
URL: Bugs.pdf
Comment: BlackHat Las Vegas 2004 speech

Title: Practical Win32 and UNICODE exploitation
Author: FX
URL: Phenoelit20c3.pdf
Comment: CCC 20c3 speech

Title: Embedded Systems
Author: FtR
URL: CCCamp_FtR_2003.pdf
Comment: CCC Camp 2003 speech

Title: Cisco Vulnerabilities - The Past, The Present and The Future
Author: FX
URL: camp2003.pdf
Comment: CCC Camp 2003 speech

Title: More embedded systems
Author: FX
URL: dc11.pdf
Comment: Defcon 11

Title: Attacking networked embedded systems
Author: FX & FtR
URL: 19C3.pdf
Comment: The slides from our speech at 19C3 - including the new OSPF exploit.

Title: Attacking networked embedded systems
Author: FX & FtR & kim0
URL (BlackHat): BHLV.pdf
URL (Defcon): defconX.pdf
Comment: The slides from our speech at Black Hat 2002 and DefCon X.

Errata: In the "Routing and Tunneling Protocol Attacks" slides it says that EIGRP does not use authentication. Well, that's not true. You can do MD5.
Sorry for that.

Title: Routing and Tunneling Protocol Attacks
Author: FX & FtR
URL: 18C3.pdf
Comment: The slides from our speech at 18C3 (http://www.ccc.de/congress/2001/)

Title: Routing and Tunneling Protocol Attacks
Author: FX
URL: bhams01.pdf
Comment: The slides from my speech at Blackhat Briefings Amsterdam 2001

Title: Routing and Tunneling Protocol Attacks
Author: FX
URL: routing.pdf
Comment: These are the slides of the speech I did on DEFCON 9

Title: SANS GIAC Certified Intrusion Analyst (GCIA) Exam
Author: Alex Stephens
URL: http://www.sans.org/y2k/practical/Alex_Stephens_GCIA.htm#section2
Comment: Mr. Stephens understood the working and impact of cd00r correctly and wrote an excellent explaination of the code.

Title: Protecting Network Infrastructure at the Protocol Level
Author: Curt Wilson
URL: http://www.sans.org/infosecFAQ/threats/protocol_level.htm
Comment: Curt did extensive research for his routing protocol paper. He covers IGPs and EGPs to show what issues exist. My special respect to Curt since he actually asked me for my opinion before releasing the paper.

Title: Can See you Behind Layer 2... Overcoming the difficulties of Packet Capturing on a Switched Network
Author: Douglas Hewes
URL: http://www.sans.org/infosecFAQ/switchednet/layer2.htm
Comment: Mr. Hewes takes a look at ARP interception and a lot of tools that are available. Shortly covers ARP0c.

If you wrote a paper and refered to our tools and want it to appear here, send an email to FX.