# HITCON 2025 共同筆記
- [HITCON 2025](/@HITCON/announcement-2025)
- [HITCON 2025 官方網站](https://hitcon.org/2025/) [target=_blank]
- [HITCON 2025 議程表](https://hitcon.org/2025/agenda) [target=_blank]
- [HackMD 快速入門](https://hackmd.io/s/BJvtP4zGX)
# 議程共筆
## 08/15
### R0
<ul>
<li>
<a href="/r1_ThSc_ee">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=10:40&end=11:20')">
<div class="time">
<div class="time-text">
10:40<br>
|<br>
11:20
</div>
</div>
<div class="title">
Atlantis:自主式 LLM 驅動的漏洞發現與修復系統
<div class="speaker">Andrew Chin</div>
</div>
</div>
</a>
</li><li>
<a href="/rJKFMSdulx">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:20&end=12:00')">
<div class="time">
<div class="time-text">
11:20<br>
|<br>
12:00
</div>
</div>
<div class="title">
歷史即是未來序章:威脅情資的演進之路
<div class="speaker">Visi Stark</div>
</div>
</div>
</a>
</li><li>
<a href="/ryqYMSOuxg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
ARTIPHISHELL Agents:以大型語言模型驅動的開源漏洞挖掘與修補
<div class="speaker">Wil Gibbs、Lukas Dresel</div>
</div>
</div>
</a>
</li><li>
<a href="/rknFMSdugl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:10&end=15:50')">
<div class="time">
<div class="time-text">
15:10<br>
|<br>
15:50
</div>
</div>
<div class="title">
Uncover the Secrets of Chinese PhaaS Actor
<div class="speaker">Lime Chen、Albert Song、Shadow Liu、Strawberry Donut</div>
</div>
</div>
</a>
</li><li>
<a href="/SJTKzSdOgl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
ReVault!被你的 SoC 攻陷
<div class="speaker">Philippe Laulheret</div>
</div>
</div>
</a>
</li><li>
<a href="/SyycMSOOgg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=16:10&end=16:50')">
<div class="time">
<div class="time-text">
16:10<br>
|<br>
16:50
</div>
</div>
<div class="title">
耳機劫持術:解鎖你手機的另一把鑰匙
<div class="speaker">Dennis Heinze、Julian Suleder、Frieder Steinmetz</div>
</div>
</div>
</a>
</li><li>
<a href="/SyxqzS_ugx">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=17:10&end=17:50')">
<div class="time">
<div class="time-text">
17:10<br>
|<br>
17:50
</div>
</div>
<div class="title">
破解 Pixel 8:利用未公開的 DSP 漏洞繞過 MTE 防護
<div class="speaker">Billy、Pan Zhenpeng</div>
</div>
</div>
</a>
</li>
</ul>
### R1
<ul>
<li>
<a href="/Hy5YGruugg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
現代防火牆中以 FQDN 為基礎之過濾機制的隱藏陷阱
<div class="speaker">Takahiro Yamamoto</div>
</div>
</div>
</a>
</li><li>
<a href="/rynFGH_Oxg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=12:20&end=14:00')">
<div class="time">
<div class="time-text">
12:20<br>
|<br>
14:00
</div>
</div>
<div class="title">
Breaking Autonomy: Hacking Cloud-Native AI Agents
<div class="speaker">Jay Chen</div>
</div>
</div>
</a>
</li><li>
<a href="/rkRKGBOdle">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
數發部防制網路詐騙策略
<div class="speaker">鍾佳蓉</div>
</div>
</div>
</a>
</li><li>
<a href="/B1JqfBu_ll">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=16:10&end=16:50')">
<div class="time">
<div class="time-text">
16:10<br>
|<br>
16:50
</div>
</div>
<div class="title">
演化論:揭露 BloodAlchemy 的攻擊模式
<div class="speaker">Suguru Ishimaru、You Nakatsuru、Kiyotaka Tamada</div>
</div>
</div>
</a>
</li><li>
<a href="/SJb5zru_xx">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=17:10&end=17:50')">
<div class="time">
<div class="time-text">
17:10<br>
|<br>
17:50
</div>
</div>
<div class="title">
Agentic ProbLLMs:攻擊電腦操作與程式撰寫代理的探索
<div class="speaker">Johann Rehberger</div>
</div>
</div>
</a>
</li>
</ul>
### R2
<ul>
<li>
<a href="/SyiKMSO_gx">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
PS C:\> Gotta Concolic 'em all: Exploiting PowerShell VM to Bring Your Own Symbolic Solver
<div class="speaker">黃智威、馬聖豪</div>
</div>
</div>
</a>
</li><li>
<a href="/rJaFzBu_le">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
無聲滲透:深入探討一個中國關聯的網路攻擊行動及其多功 能的 JavaScript 框架
<div class="speaker">Ted Lee、Joseph C Chen</div>
</div>
</div>
</a>
</li><li>
<a href="/BJRYGBuOex">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:10&end=15:50')">
<div class="time">
<div class="time-text">
15:10<br>
|<br>
15:50
</div>
</div>
<div class="title">
只需一次 API 呼叫的致命一擊:從硬體逆向到突破保護機制的精準攻擊
<div class="speaker">NiNi</div>
</div>
</div>
</a>
</li><li>
<a href="/S1eqfrO_el">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=16:10&end=16:50')">
<div class="time">
<div class="time-text">
16:10<br>
|<br>
16:50
</div>
</div>
<div class="title">
韌性 2.0:從防火牆走向救生艇
<div class="speaker">Shin Adachi</div>
</div>
</div>
</a>
</li><li>
<a href="/SkWqfrOOle">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=17:10&end=17:50')">
<div class="time">
<div class="time-text">
17:10<br>
|<br>
17:50
</div>
</div>
<div class="title">
日本金融機構的驚人內部詐欺事件:持續發生、愈演愈烈
<div class="speaker">AIDO & Manaka</div>
</div>
</div>
</a>
</li>
</ul>
### R3
<ul>
<li>
<a href="/rktqGSuuxe">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=14:20')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
14:20
</div>
</div>
<div class="title">
ROP ON ARM64
<div class="speaker">Saumil Shah</div>
</div>
</div>
</a>
</li><li>
<a href="/SJFcfB_ugl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:50&end=17:10')">
<div class="time">
<div class="time-text">
15:50<br>
|<br>
17:10
</div>
</div>
<div class="title">
Navigation Isn’t Yours to Decide — Your Phone Believes What I Broadcast
<div class="speaker">Vanisher、Libo</div>
</div>
</div>
</a>
</li>
</ul>
## 08/16
### 2F
<ul>
<li>
<a href="/HJi5MrOdgl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:00&end=15:00')">
<div class="time">
<div class="time-text">
11:00<br>
|<br>
15:00
</div>
</div>
<div class="title">
Hands-on IoT firmware extraction and forensics
<div class="speaker">Dennis Giese、Arnold Wey</div>
</div>
</div>
</a>
</li>
</ul>
### R0
<ul>
<li>
<a href="/SkzqGHd_le">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=10:10&end=10:50')">
<div class="time">
<div class="time-text">
10:10<br>
|<br>
10:50
</div>
</div>
<div class="title">
利用大型語言模型自動化軟體安全分析
<div class="speaker">Tyler Nighswander</div>
</div>
</div>
</a>
</li><li>
<a href="/SJM9Grd_ll">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:20&end=12:00')">
<div class="time">
<div class="time-text">
11:20<br>
|<br>
12:00
</div>
</div>
<div class="title">
模糊化逃脫記:一場關於虛擬機管理程式漏洞研究的冒險
<div class="speaker">Juan Jose Lopez Jaimez</div>
</div>
</div>
</a>
</li><li>
<a href="/S1V5GrOulg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
<div class="speaker">angelboy</div>
</div>
</div>
</a>
</li><li>
<a href="/Hk8cMSdule">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
如何(不)該玩 Pwn2Own 的賽局策略
<div class="speaker">Rick de Jager、Carlo Meijer</div>
</div>
</div>
</a>
</li><li>
<a href="/H1w5MrOuxl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:10&end=15:50')">
<div class="time">
<div class="time-text">
15:10<br>
|<br>
15:50
</div>
</div>
<div class="title">
The Art of PHP — My CTF Journey and Untold Stories!
<div class="speaker">Orange Tsai</div>
</div>
</div>
</a>
</li>
</ul>
### R1
<ul>
<li>
<a href="/B1Q5fruOee">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:20&end=12:00')">
<div class="time">
<div class="time-text">
11:20<br>
|<br>
12:00
</div>
</div>
<div class="title">
正確入侵 Linux 的方式:Zero Day、嶄新技巧與失敗的教訓
<div class="speaker">Pumpkin</div>
</div>
</div>
</a>
</li><li>
<a href="/HyHcfHudxe">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
你不孤單:一起打造台灣資安開源的未來
<div class="speaker">陳坤裕、鄧宇翔</div>
</div>
</div>
</a>
</li><li>
<a href="/B1L5GBuOge">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
Speed up your reverse engineering with hrtng
<div class="speaker">Georgy Kucherin</div>
</div>
</div>
</a>
</li><li>
<a href="/HJdqzBddex">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:10&end=15:50')">
<div class="time">
<div class="time-text">
15:10<br>
|<br>
15:50
</div>
</div>
<div class="title">
ksymless - A kernel rootkit works without kallsyms
<div class="speaker">陳麒升</div>
</div>
</div>
</a>
</li>
</ul>
### R2
<ul>
<li>
<a href="/HJQqzBuule">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:20&end=12:00')">
<div class="time">
<div class="time-text">
11:20<br>
|<br>
12:00
</div>
</div>
<div class="title">
MCP: Model Context Protocol or Malicious Control Path?
<div class="speaker">Yusuke Nakajima</div>
</div>
</div>
</a>
</li><li>
<a href="/r1rqfrduxx">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=13:00&end=13:40')">
<div class="time">
<div class="time-text">
13:00<br>
|<br>
13:40
</div>
</div>
<div class="title">
Reload+Reload: Exploiting Cache and Memory Contention Side Channel on AMD SEV
<div class="speaker">Li-Chung Chiang</div>
</div>
</div>
</a>
</li><li>
<a href="/SJPqMru_gl">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=14:40')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
14:40
</div>
</div>
<div class="title">
超越 OSxP:使用門卡複製、惡意硬體植入和基於 GitHub 的橫向移動的真實世界紅隊作戰
<div class="speaker">Satoki Tsuji</div>
</div>
</div>
</a>
</li><li>
<a href="/rkO5zHduge">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=15:10&end=15:50')">
<div class="time">
<div class="time-text">
15:10<br>
|<br>
15:50
</div>
</div>
<div class="title">
From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
<div class="speaker">童舒晧</div>
</div>
</div>
</a>
</li>
</ul>
### R3
<ul>
<li>
<a href="/rkq9GHuOeg">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=11:00&end=12:20')">
<div class="time">
<div class="time-text">
11:00<br>
|<br>
12:20
</div>
</div>
<div class="title">
HITCON PCB Badge 的辛酸血淚史與破解實戰
<div class="speaker">Justin、aoaaceai</div>
</div>
</div>
</a>
</li><li>
<a href="/r199MS__ex">
<div class="agenda-item" style="--agenda-divider-image-url: url('https://sitcon-agenda-divider-line.vercel.app/image?start=14:00&end=15:20')">
<div class="time">
<div class="time-text">
14:00<br>
|<br>
15:20
</div>
</div>
<div class="title">
From CAN Bus to Compromised ECU: Hands-On Automotive Hacking with RAMN Testbeds
<div class="speaker">Tripp Roybal、Tim Krach</div>
</div>
</div>
</a>
</li>
</ul>
<style>
@import url('https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&family=Roboto+Condensed:wght@400;700&display=swap');
:root {
--bg-color: #000;
--bg-color-hover: #333;
--text-color: #fff;
--highlight-color: #fff;
--border-color: #333;
--border-radius: 10px;
}
/* category collapsible hover */
.summary h2.collapsible:hover {
background-color: var(--bg-color-hover);
}
/* sidebar page item*/
.summary .nav>li>a {
padding: 10px;
border-radius: 10px;
}
/* sidebar page item hover */
.summary .nav>li>a:hover {
background-color: var(--bg-color-hover);
color: var(--text-color);
border-radius: 10px;
}
/* sidebar page item remove left border */
.summary h2+.nav li, .summary h1+.nav li {
border-left: none;
}
/* sidebar page list */
.nav.nav-pills.nav-stacked {
display: flex;
flex-direction: column;
padding: 0 6px;
gap: 7px;
}
html[lang=zh-tw] .summary #summary{
font-family: 'Roboto Condensed', 'Noto Sans TC', sans-serif;
}
.summary {
background-color: var(--bg-color);
color: var(--text-color);
box-shadow: none;
border: none;
}
.summary .toolbar {
background-color: var(--bg-color);
border-color: var(--border-color);
color: var(--text-color);
z-index: 2;
}
.summary #summary>*:first-child {
background-color: var(--bg-color);
position: sticky;
top: 0;
z-index: 1;
border-bottom: 1px solid var(--border-color);
}
.summary .collapsible:is(h1,h2,h3,h4,h5,h6) span.heading-span{
width: 100%;
}
.summary :is(h1,h2,h3,h4,h5,h6).collapsible:not(:first-child) {
border-top: 1px solid var(--border-color);
}
.summary :is(h1,h2,h3,h4,h5,h6).collapsible:not(:first-child) {
margin: auto 6px;
padding: 10px;
border-radius: var(--border-radius);
}
.summary :is(h1):not(:first-child) {
margin-bottom: 10px;
}
.summary :is(h1,h2,h3,h4,h5,h6) .fa-angle-down{
color: var(--highlight-color);
}
.summary .nav > li > a {
color: var(--text-color);
}
.summary .nav-pills > li.active > :is(a,a:focus,a:hover) {
color: var(--highlight-color);
font-weight: bold;
background-color: #444;
border-radius: var(--border-radius);
}
.topbar {
color: var(--text-color);
background-color: var(--bg-color);
box-shadow: none;
border-bottom: 1px solid var(--border-color);
}
.ui-summary-action {
color: var(--text-color);
}
.ui-summary-action.ui-summary-edit{
display:none;
}
.summary .toolbar{
padding-left: 8px;
}
.summary .toolbar .btn:hover {
background-color: transparent;
}
.summary .toolbar .btn:hover {
background-color: var(--bg-color-hover);
}
.summary .toolbar .search input {
background-color: transparent;
}
.book-container {
box-shadow: none;
border-left: solid 1px var(--border-color);
}
.btn.focus,
.btn:focus,
.btn:hover {
color: var(--highlight-color);
}
.summary input.form-control {
background-color: var(--bg-color);
color: var(--text-color);
border-color: var(--border-color);
}
.summary input.form-control:focus {
border-color: var(--highlight-color);
box-shadow: none;
}
.summary code {
background-color: #651fff;
color: white;
border-radius: var(--border-radius);
padding: 3px 10px;
}
.summary.pl-1\.5.open {
padding-left: 0;
}
#summary h1:not(:first-child) {
padding: 5px 10px;
justify-content: center;
border-bottom: solid 1px #333;
border-top: solid 1px #333;
color: var(--text-color);
font-size: 20px;
}
#summary h1:first-child {
cursor: default;
}
/* #summary h1 .heading-span:before { */
/* content: ''; */
/* display: block; */
/* height: 190px; */
/* width: 100%; */
/* background-image: url(https://hitcon.org/2025/logo2025.png); */
/* background-repeat: no-repeat; */
/* background-position: center; */
/* margin-bottom: 10px; */
/* background-size: contain; */
/* border-radius: 0; */
/* border-bottom: solid 1px #333; */
/* } */
#summary h1.collapsible .heading-span {
max-width: 100%;
font-size: 20px;
padding-bottom: 10px;
border-bottom: solid 1px #333;
border-radius: 0;
text-align: center;
color: var(--text-color);
}
#summary h1 .collapsible-icons {
display: none;
}
#summary h1.collapsible {
display: block;
}
#summary h1:first-child {
padding: 0;
margin: 0;
}
/* HITCON 2025 agenda items */
.agenda-item {
display: grid;
grid-template-columns: 56px 1fr;
align-items: center;
gap: 12px;
}
.agenda-item .time {
display: flex;
position: relative;
height: 100%;
width: 100%;
}
.agenda-item .time .time-text {
display: flex;
justify-content: center;
flex-direction: column;
text-align: center;
padding-right: 12px;
height: 100%;
width: 100%;
}
.agenda-item .time::after {
content: "";
background-image: var(--agenda-divider-image-url);
border-radius: 5px;
top: 0;
bottom: 0;
width: 2.5px;
display: absolute;
}
.agenda-item .speaker {
margin-top: 8px;
color: #C7C7CC;
font-weight: normal !important;
}
.summary :is(h1,h2,h3,h4,h5,h6)+.nav:has(.agenda-item){
padding-left: 6px;
}
li:has(.agenda-item) + li:has(.agenda-item){
border-top: 0.5px solid #333;
}
</style>
{"title":"HITCON 2025 共同筆記","breaks":false,"GA":"UA-34467841-15","description":"HITCON 2025 官方網站 [target=_blank]","contributors":"[{\"id\":\"6d3b4625-23c8-4275-a28e-cdc2cb546eda\",\"add\":44,\"del\":0,\"latestUpdatedAt\":1754972953442},{\"id\":\"91068648-be3d-45af-9bd4-c45428b2d79b\",\"add\":46910,\"del\":46429,\"latestUpdatedAt\":1755145106632}]"}