Shmoocon Day 2



Post Sat Mar 24, 2007 9:38 pm

OK, first word that comes to mind is INSPIRING.  I can't wait to get home and really dig into some ideas that I have and hopefully break stuff.  Maybe it's exciting in academia when people present papers on new and interesting research but I don't think that beats seeing the first public demo of some new 0wnage technique that will be getting talked about for the next few weeks, maybe but I doubt it.

I have decided that I think the people that talk at these cons continue to do such great work BECAUSE they talk at these cons.  I am sure there are some other factors like drive, determination and just being really really smart but being around the tons and tons of great minds and the great atmosphere at most of the cons really inspires me (and I am sure others) to continue to research or just to work on your fu.

If you haven't gone to a security con, I highly recommend going even if you have to go alone because you always meet new people who are (generally) like-minded.  how many parties can you go to as a security or computer dude and have pretty much everyone at the party be interested in what you are interested in?  it's great stuff.  tonight (after the talks) people were splitting their time between hack or halo and the hack challenge that applied security had set up and plenty of booze and mingling.  I unfortunately am packing because I have a plane to catch...yeah big  :( face.

even the smaller cons will give you a sense of the atmosphere and should inspire you to really keep doing what you are doing and trying to learn everything you can.  Again, it's something, as a security professional (or striving security professional), you can do for growth as well as networking.

last thought before I get into the talks I went to is that this con reinforced my belief that you need to be able to code to be a good innovative security professional.  I'll probably start the code or not to code war again but all the people really giving great talks on attacks relied on their coding skills to pull together their concepts into working attacks, or at a minimum you would need to code or alter some code to get an attack to work.  so if you are wondering if you should devote some study time to learning some sort of programming language the answer is yes.  what language, well who knows... that can really be a debate.

ok on with the talks...

the metro got me to the con a bit late so I couldn't even squeeze into Simple Nomad's talk so I sat in on Ofir Arkin's Bypassing NAC systems (part 2).  he had given some talks on the subject previously so he just talked more about it.  pretty good but I only caught the end of it.  I did see him speak at Blackhat and Defcon years ago on Xprobe and I remember them being really good talks.  his NAC one seemed like it was good and people talking outside after seemed to think it was good.

Matt Fisher, Cygnus and PresMike
Web Application Incident Preparation:

*great talk on the differences between traditional incident response and web application incident response.  huge issues arise because typically there isn't anything left on the victim box to analyze. you are usually stuck with just log files and have to determine if any data egressed your network or site and to what extent and what type of data that was.  they discussed the different types of logging and what to log for your web apps: web server logs, sql logs, os logs, the application logs, etc.  they also went over things to do to try to help tune your IDS to catch web app attacks, like creating a dummy database whose data should never be traveling across the network unless someone is dumping your whole database in an attack.  Really good talk.

All three of the talks after lunch looked good but i went with

Billy Hoffman
JavaScript Malware for a Grey Goo Tomorrow:

*Billy Hoffman works for SPI Dynamics http://www.spidynamics.com/ and those guys are cranking out great research in the web app field.  he talked about some of the nasty things you can do with JavaScript and Ajax.  big topics were using Jikto and XSS to hop hosts with your attacks (something that previously wasn't possible).  really great info.

next talk was

Michael Schearer
The Church of WiFi presents: A Hacker in Iraq:

*decent talk about a navy EW guy's time in Iraq.  mostly dealt with IEDs and what we are doing to address the threat in Iraq

next talk

PresMike and Cygnus
Targeted Network Attacks:

*good talk on how an attacker who wanted to target an organization would go about doing it.  good stuff on targeting users, getting malware into the organization, and methods for allowing the desired information out of the network and back to the attacker.  started a bit slow and a bunch of people left but ended up being really good.


Dan Kaminsky
Weaponizing Noam Chomsky, or Hacking with Pattern Languages

*ok if Dan Kaminsky is talking you have to listen, and most of the con crammed into the smallest room to listen and it was worth it even if it wasn't about DNS ;)

last talk i attended

Chris Paget
WPAD: Proxy Attack

* WPAD is Web Proxy Auto Discovery Protocol (http://en.wikipedia.org/wiki/Web_Proxy_ ... y_Protocol).  Basically with WPAD, if you have the automatically detect proxy settings option enabled in MS browsers, the browser will send a request for a wpad file, which is basically the proxy list.  normally this would be ok if you run everything on your network thru a proxy BUT if you don't this could be an issue, because if the attack works, everything on your network is now going thru a proxy that you don't control :-(

he discussed attack vectors and fixes.  gave some great demos using a wpad tool that he wrote that will track which IPs are looking for the wpad file after you send the attack, and he also demoed a hack proxy tool that would act as the man in the middle and did some really wicked stuff like forging SSL certs, forcing the browser to authenticate in plain text or forcing the browser to authenticate with NTLMv1 which can be cracked...whoo hoo.  supposedly releasing the wpad tool but not the hackproxy tool on the ioactive.com site.

well that's it, hopefully people got something out of the recap.  a little more info can be found on the speaker bios:

& shmoocon says they will be posting the presentations and video at some point so it should be worth your time to go back and check it out.

thanks again to Don for sending me and if anyone is planning on going next year, buy your tickets early!
Last edited by LSOChris on Sat Mar 24, 2007 9:46 pm, edited 1 time in total.
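
A defender-side check for the WPAD issue described in the recap of Chris Paget's talk, added here as an example and not part of the original post or the speaker's tools: it flags clients that fetched wpad.dat from a host other than the approved one, and lists proxies named in a PAC file that are not on an allowlist. The log format, addresses, hostnames and allowlists are constructed assumptions.

```python
import re

# Assumptions (not from the original post): the approved WPAD server and proxy.
APPROVED_WPAD_SERVERS = {"10.0.0.5"}
APPROVED_PROXIES = {"proxy.corp.example:8080"}

# Constructed sensor records: "<client_ip> <server_ip> <method> <url>".
SAMPLE_HTTP_LOG = """\
10.0.1.20 10.0.0.5 GET http://wpad.corp.example/wpad.dat
10.0.1.21 10.0.1.77 GET http://wpad/wpad.dat
10.0.1.22 10.0.0.9 GET http://intranet.corp.example/index.html
10.0.1.23 10.0.1.77 GET http://WPAD.corp.example/wpad.dat
"""
# Constructed PAC file, as a client might have received it.
SAMPLE_PAC = """\
function FindProxyForURL(url, host) {
  if (isPlainHostName(host)) return "DIRECT";
  return "PROXY 10.0.1.77:3128; PROXY proxy.corp.example:8080; DIRECT";
}
"""

WPAD_URL = re.compile(r"^https?://wpad(\.[^/]*)?(:\d+)?/wpad\.dat$", re.I)
PROXY_DIRECTIVE = re.compile(r"\b(?:PROXY|SOCKS[45]?|HTTPS?)\s+([\w.\-]+:\d+)", re.I)

def rogue_wpad_fetches(log_text, approved=APPROVED_WPAD_SERVERS):
    """Map each unapproved host that served wpad.dat to the clients it served."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        client, server, _method, url = parts
        if WPAD_URL.match(url) and server not in approved:
            hits.setdefault(server, set()).add(client)
    return {server: sorted(clients) for server, clients in hits.items()}

def unapproved_proxies(pac_text, approved=APPROVED_PROXIES):
    """List proxies named in PAC string literals that are not on the allowlist."""
    found = set()
    for literal in re.findall(r'"([^"]*)"', pac_text):
        found.update(m.lower() for m in PROXY_DIRECTIVE.findall(literal))
    return sorted(found - {p.lower() for p in approved})

if __name__ == "__main__":
    print(rogue_wpad_fetches(SAMPLE_HTTP_LOG))
    print(unapproved_proxies(SAMPLE_PAC))
```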



Post Sun Mar 25, 2007 5:48 am

Re: Shmoocon Day 2

Ace. Cons sound like a blast! Thanks for the coverage ChirsG it's been good reading it.

Now that I want to go to a con even more than before, does anyone know of any sec cons that happen in the UK?


Post Sun Mar 25, 2007 12:01 pm

Re: Shmoocon Day 2


  Thanks for taking the time out to keep us informed.  I am looking forward to the videos and your reviews are going to help me prioritize my time.

Thanks again,
Go forth and do good things,


Post Sun Mar 25, 2007 4:36 pm

Re: Shmoocon Day 2

plik wrote: Ace. Cons sound like a blast! Thanks for the coverage ChirsG it's been good reading it.

Now that I want to go to a con even more than before, does anyone know of any sec cons that happen in the UK?

in the UK I don't know of one but they do Blackhat Europe *Amsterdam (pricey) and the Chaos Communication Congress CCC (I think much cheaper) in Berlin.

there should be one in the UK though
