April 18th, 2014

Defcon 2010 Review

This year’s defcon was a lot of fun, but the overcrowding is a serious flaw which made it very difficult to get into many of the talks (especially the good ones). I spent a fair amount of time socializing with some of the people I only get to see at con-time, but I still managed to see a few pretty good talks. Here are notes on a few of the talks that I went to. Unfortunately though, I lost some of the notes that I took due to a phone issue.

  • Pwnies! — This one really belongs in the black-hat wrap-up, but I neglected to cover it there. The pwnies were both fun and interesting as usual. They outlined some of the best and worst of the security industry over the last year. This was one of my favorites (and winner) from the award for most Epic Fail: Internet Explorer 8 was released with built-in cross-site scripting filters which, for nearly a year after release, enabled cross-site scripting on otherwise secure sites. Ironic. Epic. Fail. Here is a list of the winners. Also entertaining, You got pwned — The Song.
  • DarunGrim3 — This is an open-source bin diff’er with taint analysis. Has an IDA plugin to help visualize changes. He also came up with a new method for automatically comparing patches to try to find the portions relevant to security by applying heuristic scoring for each section of changed code.
  • Moon-Bouncer — Interesting talk from a ham radio guy about non-standard communication lines, satellites and how to bounce signals off of the Moon (literally).
  • This was an interesting link from Fyodor’s talk on nmap scripting. They did some analysis on the top favicons on the internet and placed them in a zoomable map that scales each favicon’s size according to the number of sites/hosts it was on.
  • Ninja Badges and Party — The ninja guys did an amazing job with their badges and party this year. I wasn’t cool enough to score a badge, but @sweetums hooked me up with an invite to the party. The work they put into the badges is pretty impressive, and surpassed the defcon badge by far (but to be fair, the budget was a lot higher). For the party they rented out a newly remodeled hotel right next to the Alexis Park. It was outdoors next to the pool and palm trees which was reminiscent of the old Defcon days. I met a few new cool people here and also caught up with a few people I hadn’t seen in years. Some of the finishing touches on the party were the nintendo-core band MiniBosses and a whole bunch of old-school video arcade games.
  • spraypal — This was a talk on a couple new tools that replay known attacks into IDS systems for testing. I didn’t actually see this talk, but the tool looks useful. This is about where I lost some of my notes due to phone issues, so my descriptions are more sparse, :).
  • My Life as a Spyware Developer — This was a surprisingly entertaining look at one person’s experiences doing development work for a spyware company.
  • Function hooking for OSX and Linux — Not a bad talk on function hooking. One entertaining portion was how he created an evil ruby build with “performance enhancements” to persuade people to run it. This worked by removing all garbage collection, so it actually was faster… at first, :).
  • Kartograph — These guys had an interesting approach to memory analysis of video game processes through diff’ing and visualizing. They were able to locate specific parts of the game (like maps or units) by snapshotting memory several times throughout game-play, and then graphing the results. By playing with graph alignment they could narrow it down and visually represent the game map areas of memory. Once they located these data structures they could manipulate them to do various things like reveal the entire map, or effectively give infinite life to their characters.
  • RazorBack — I didn’t see this talk, but this tool was released at defcon, and it sounds pretty interesting.
  • Hardware / USB talks — There were several talks on hardware hacking and custom USB dongles for generating keystrokes to compromise a system. One of the presented devices had a wireless controller to be able to trigger the payloads remotely at an arbitrary time. Kind of a neat idea, but there was a lot of duplicate content (some of it was derivative work). One of the talks covered the arduino, and mentioned USB driver fuzzing, but didn’t really get into any of the interesting details.

Thanks to everyone that I met or hung out with during and after the conference. I talked to a lot of great people, and I think the social and community aspect to Defcon is what makes it especially worth going to. I hear rumors that next year is going to take place at the Rio, so maybe space/crowding/lines won’t be an issue.

Ryan’s presentations at Defcon/BlackHat

If you’re around for BlackHat/Defcon/Bsides, you should definitely check out one of Ryan’s many presentations. He starts at BSides giving a talk titled Multi-Player MetaSploit, and then shortly after that will be doing Arsenal of Tools at BlackHat. At Defcon he’s also going to be very busy, and will be giving a presentation on Multiplayer Metasploit: Tag-Team Penetration and Information Gathering, and a skytalk on reporting and automating attacking with Metasploit. Hopefully I have all of that right, but either way you should check out at least one of his talks. Also be on the lookout here for some other updates from Ryan.

Other talks from friends of MRL that you should definitely check out are Zach Lanier, Luis Eduardo, Tyler Krpata and Joe McCray. See you there!

Last day of Toorcon X pre-registration

Today’s the last day to pre-register for this year’s Toorcon X. Held in sunny San Diego, Toorcon is always a blast. There are always a lot of interesting people (speakers, attendees and staff included) to meet and hang out with. In my opinion it’s one of the best security conferences out there, and you should definitely check it out. Hope to see you there!

Shmoocon 1000!

Shmoocon is this weekend! For anyone lucky or persistent enough to get tickets, we’ll see you there! It looks like there are some good presenters there. I’m looking forward to seeing Josh Wright’s new talk on PEAP: Pwned Extensible Authentication Protocol.

Hack in the box videos online

Videos for the HITB conference in Malaysia are now available online for free. There are around 26 different talks from both days of the conference, covering a range of topics including SCADA, web/ajax/database hacking, bluetooth, biometrics, protocol fuzzing, CCTV hacking and anti-forensics along with several others. I do like this trend of making conference materials (especially video) available online, and I hope it continues. Happy torrenting.

Defcon One Five CFP in effect

The CFP is now open for defcon. It officially closes June 15th, but getting a submission in early will help chances of being accepted since they pre-schedule a certain number of people before the deadline to encourage early submissions. The BlackHat USA conference during the same week in vegas is also having their CFP, though its deadline is May 1. Good luck submitters, :) .

Shmoocon 2007 this weekend

Some of the MRL gang will be at Shmoocon in DC this weekend. Give us a shout if you’re in the area! I’d tell you to come by since it’s a great conference, but it’s been sold out for quite a while now. Check it out next year if you can, :) .

More con videos

From all reports it sounds like the CCC conference in Berlin went very well this year with many great presentations. Those of us that were unable to attend are now lucky enough to see the videos that have already been posted online. It looks like many of them have made it to google video as well.

Also, following up on an earlier entry, Jeff Moss recently posted on a few mailing lists that the Black Hat US videos from 2006 are now available for download. It appears that the regular media page does not have it available, but if you subscribe to the RSS feeds you can get access to the iPod versions (video and audio).

DefconBots rules announced

For those interested in competing in the defcon robotics challenge, the new rules have been posted. It looks like the competition is similar to last year’s with some minor enhancements. The basic idea is to create a robotic gun that can take down small targets autonomously. Looks like fun, maybe I’ll slap together the airsoft gun and the servos I bought for last year’s competition, :). Any MRL people interested in helping out, let me know.

MRL and upcoming conferences

We have a couple of conferences coming up over the next couple of weeks that we’ll be going to and also speaking at. The first is Toorcon, and then the following week we have Security Opus. Both are very much worth attending (even if we weren’t speaking there, =), so you should come out and join us. Say “hi” if you’re around, we should have MRL stickers on hand. Here’s the schedule:

See you there!
