September 18th, 2014

Defcon 2010 Review

This year’s defcon was a lot of fun, but the overcrowding is a serious flaw which made it very difficult to get into many of the talks (especially the good ones). I spent a fair amount of time socializing with some of the people I only get to see at con-time, but I still managed to see a few pretty good talks. Here are notes on a few of the talks that I went to. Unfortunately though, I lost some of the notes that I took due to a phone issue.

  • Pwnies! — This one really belongs in the black-hat wrap-up, but I neglected to cover it there. The pwnies were both fun and interesting as usual. They outlined some of the best and worst of the security industry over the last year. This was one of my favorites (and winner) from the award for most Epic Fail: Internet Explorer 8 was released with built-in cross-site scripting filters which, for nearly a year after release, enabled cross-site scripting on otherwise secure sites. Ironic. Epic. Fail. Here is a list of the winners. Also entertaining, You got pwned — The Song.
  • DarunGrim3 — This is an open-source bin diff’er with taint analysis. It has an IDA plugin to help visualize changes. He also came up with a new method for automatically comparing patches to try to find the portions relevant to security by applying heuristic scoring for each section of changed code.
  • Moon-Bouncer — Interesting talk from a ham radio guy about non-standard communication lines, satellites and how to bounce signals off of the Moon (literally).
  • This was an interesting link from Fyodor’s talk on nmap scripting. They did some analysis on the top favicons on the internet and placed them in a zoomable map that scales each favicon’s size according to the number of sites/hosts it was on.
  • Ninja Badges and Party — The ninja guys did an amazing job with their badges and party this year. I wasn’t cool enough to score a badge, but @sweetums hooked me up with an invite to the party. The work they put into the badges is pretty impressive, and surpassed the defcon badge by far (but to be fair, the budget was a lot higher). For the party they rented out a newly remodeled hotel right next to the Alexis Park. It was outdoors next to the pool and palm trees which was reminiscent of the old Defcon days. I met a few new cool people here and also caught up with a few people I hadn’t seen in years. Some of the finishing touches on the party were the nintendo-core band MiniBosses and a whole bunch of old-school video arcade games.
  • spraypal — This was a talk on a couple new tools that replay known attacks into IDS systems for testing. I didn’t actually see this talk, but the tool looks useful. This is about where I lost some of my notes due to phone issues, so my descriptions are more sparse, :).
  • My Life as a Spyware Developer — This was a surprisingly entertaining look at one person’s experiences doing development work for a spyware company.
  • Function hooking for OSX and Linux — Not a bad talk on function hooking. One entertaining portion was how he created an evil ruby build with “performance enhancements” to persuade people to run it. This worked by removing all garbage collection, so it actually was faster… at first, :).
  • Kartograph — These guys had an interesting approach to memory analysis of video game processes through diff’ing and visualizing. They were able to locate specific parts of the game (like maps or units) by snapshotting memory several times throughout game-play, and then graphing the results. By playing with graph alignment they could narrow it down and visually represent the game map areas of memory. Once they located these data structures they could manipulate them to do various things like reveal the entire map, or effectively give infinite life to their characters.
  • RazorBack — I didn’t see this talk, but this tool was released at defcon, and it sounds pretty interesting.
  • Hardware / USB talks — There were several talks on hardware hacking and custom USB dongles for generating keystrokes to compromise a system. One of the presented devices had a wireless controller to be able to trigger the payloads remotely at an arbitrary time. Kind of a neat idea, but there was a lot of duplicate content (some of it was derivative work). One of the talks covered the Arduino, and mentioned USB driver fuzzing, but didn’t really get into any of the interesting details.

Thanks to everyone that I met or hung out with during and after the conference. I talked to a lot of great people, and I think the social and community aspect to Defcon is what makes it especially worth going to. I hear rumors that next year is going to take place at the Rio, so maybe space/crowding/lines won’t be an issue.
