# 台灣駭客年會 HITCON CMT 2023 共同筆記
---
- [歡迎來到 HITCON CMT 2023](/@HITCON/Bye4oqF22)
- [HITCON 官方網站](https://hitcon.org/2023/CMT/) [target=_blank]
- [議程表](https://hitcon.org/2023/CMT/agenda/) [target=_blank]
# 08/18
#### 09:00 ~ 10:00 報到時間
#### 10:00 ~ 10:50 開幕&活動介紹
## R0
- 11:00 ~ 11:50 [Your Teammate Isn't Human: Mixing Decompilation and AI for Modern Reverse Engineering - Zion Basque](/2bIAm0aYSv2d-SNDrd_g_A)
- 13:00 ~ 13:40 [新魔法時代 - CmdGPT - Birdman](/Tgk2HAfJT-mtd7DryS9V2A)
- 14:00 ~ 14:40 [Firewall is on fire: Hacking the Juniper Firewall - 林宇翔](/7OE7o9fyTOKQd3pU56TOJw)
- 15:10 ~ 15:50 [Playing with Fire: Exploring the Exploitable Side of ZyXEL VPN Firewall - atdog, Lays](/fBo7E9LLRyqOo4CSLkhhQA)
- 16:10 ~ 16:50 [入無人之徑:於 MikroTik 蟄伏九載的 Pre-Auth RCE - NiNi](/NxuXRARbTvSEmA8APOTl_Q)
## R1
- 13:00 ~ 13:40 [Reaching Beyond Boundaries: Out-of-Bounds Exploration in Out-of-Band Management - 王建元 (kevingwn)](/aqz1bHiMTsGWLIPQ0OfZQQ)
- 14:00 ~ 14:40 [AI 搭把手,推倒 PHP 加密源碼的高牆 - 李樸, 官澔](/-dIRksaCQA6vA9dWtAL-fw)
- 15:10 ~ 15:50 [Prompt Injections in the Wild - Exploiting Vulnerabilities in LLM Agents - Johann Rehberger](/R6fxM-LIQM-sywsL72MBIQ)
- 16:10 ~ 16:50 [Pennywise - Invisible privacy risk in the new AI era - Vic Huang, 何念修](/Tpc8apDFTCGOhGjM3k4Uhw)
## R2
- 13:00 ~ 13:40 [Why Panda Loves USB?: Observing Targeted Attacks by Chinese APTs - Yuta Sawabe, Kazuya Nomura](/HjBkBguqRceFmA1w3ud3Tw)
- 14:00 ~ 14:40 [GroundPeony: Crawling with Malice - Rintaro Koike, Shota Nakajima](/0wE4NFlDTXCvs3Jpq6Lubw)
- 15:10 ~ 15:50 [Unmasking CamoFei: An In-depth Analysis of an Emerging APT Group Focused on Healthcare Sectors in East Asia - Still Hsu, DuckLL](/8gClWZ3ZQmmtfunxBs3Q3A)
- 16:10 ~ 16:50 [Static Analysis on Malware Packed by AutoIt and NSIS - Zong-Yu Wu](/74lTLOybQCiqTpK2bbs5EA)
## R3
- 12:40 ~ 14:40 [ARM-ing for Android: Unraveling the Mysteries of Native Library Reverse Engineering - Ravi Rajput](/8rVYsp-0R7iI63YColhljw)
- 14:50 ~ 16:50 [SOC200 - Log Monitorin - Ian Wilson](/dNXoV3cgTrqpgKP73BpzrA)
# 08/19
#### 09:00 ~ 10:00 報到時間
#### 10:00 ~ 10:10 Opening 開幕
## R0
- 10:10 ~ 11:00 [Advancements in JavaScript Engine Fuzzing - Carl Smith](/CcNB8axXQSGG9yJ5UEOIfQ)
- 11:20 ~ 12:00 [A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned - Orange Tsai](/NQdQSRmjS-CvTkgYZJedkg)
- 13:00 ~ 13:40 [Ghosts of the Past: Classic PHP RCE Bugs in Trend Micro Enterprise Offerings. - Poh Jia Hao](/KumHEva8RtWkud-NQAxywA)
- 14:00 ~ 14:40 [Endpoint Security or End of Security? Exploiting Trend Micro Apex One - Lays, Lynn](/Pau9maX8Qd29-PqS9nfJWw)
- 15:10 ~ 15:50 [現代內核漏洞戰爭 - 越過所有核心防線的系統/晶片虛實混合戰法 - 馬聖豪](/PP-Ne3sfTDqik90YNjLzEg)
## R1
- 11:20 ~ 12:00 [How to hijack a VoLTE network - Pavel Novikov](/tEjDo3pgSR2D2M5DBmwhnA)
- 13:00 ~ 13:40 [從硬體攻擊手段來解開機殼下的美麗祕密:網路通訊設備安全分析 - Ta-Lun Yen](/Mcu1egjkRS6EorCWhfLMgA)
- 14:00 ~ 14:40 [ELECTRONizing macOS privacy - a new weapon in your red teaming armory - Wojciech Reguła](/vZ8kC2mnQAaSsJwo4JKEKg)
- 15:10 ~ 15:35 [What You See IS NOT What You Get: Pwning Electron-based Markdown Note-taking Apps - Li Jiantao](/6TTYJtqZRR6kB3A9SO9qVg)
## R2
- 11:20 ~ 12:00 [打造公平的遊戲轉蛋:在不洩漏原始碼的前提下驗證虛擬轉蛋的機率 - Jing Jie Wang, 李安傑](/FtRqiNb3TRaWLm7czFWEPQ)
- 13:00 ~ 13:40 [直搗核心:探索 AMD 驅動程式中的資安漏洞 - Zeze](/DPEaX9tSQHmYeKeDFH5Fvw)
- 14:00 ~ 14:40 [搭配模糊測試對Linux核心遠端檔案系統進行漏洞挖掘 - Pumpkin](/jLB7zQ5eSwGwtqeQvD9icA)
## R3
- 14:00 ~ 16:00 [麋鹿在芝麻街 - ELK x BERT 資安分析實戰 - Sheng-Shan Chen, Yuki Hung](/7rI4E83bQK2CMzd7WoUS0w)
{"title":"台灣駭客年會 HITCON CMT 2023 共同筆記","description":"歡迎來到 HITCON CMT 2023","lang":"zh-TW","contributors":"[{\"id\":\"af63df84-ed6e-4d99-a1da-cd9ceacb2bed\",\"add\":4,\"del\":0},{\"id\":\"61af98f4-b303-4819-b08b-aa32cf6677a8\",\"add\":5521,\"del\":2017}]"}