Conferences
Defcon talks – Videos available online..
A recent maillist thread shows that the DC15 videos are anow available online [here] Our video (although my voice sounded alot better in my head than it does on video) is available [here]
Thunks from hacking games
In Vegas I bought Herman “Exploiting Online Games” by Greg Hoglund and Gary McGraw. Being the saint that I am, I looked at the book thoroughly on the plane on the way home. Fortunately I was able to verify that most of the pages were there and intact and that were no blatant spelling or grammatical errors – it wouldn’t do to give Herman a broken book. Whilst I was…
On hamsters, Escaping, Escaping of Hamsters and the Lack of escaping in Hamster…
OK.. So as i mentioned before, I saw Robert Graham from Erratasec demo hamster live on stage and wondered if hamster was doing useful input/output sanitization.. If it wasn’t, he was setting himself up for a pop-up that read “owned on stage” or worse a re-direct to tubgirl.. He didnt get owned on stage, which suggested that either the crowd was really well behaved or the tool was doing some…
mh.blackhatFeedback(Side-jacking, Hamster)
Ok.. so its a lot later than i promised, but i did mention that i would post some feedback on some of the talks i ended up catching at this years BlackHat. By far the talk that grabbed the most press was the Erratasec talk on Side-Jacking. Essentially the researchers demonstrated a tool (hamster) that allows an attacker on a shared network (wifi was used as an example, but i…
F(inally)ull Release of BlackHat-Defcon Timing Stuff..
The slides | tool | paper from BlackHat07/DefCon07 have been posted online for your wget’ing pleasure. More details on squeeza (the tool) can be found on the squeeza page, but in a nutshell is a sql injection tool that uses Metasploits concept of splitting exploit/payloads/etc with SQL Injection attacks. Current modules are written for MS-SQL server but include functionality for (user defined sql queries, some db schema enumeration, command execution,…
BlackHat Roundup – Ajax and h.323 and iax
The bulk of security research pertaining to VoIP call control, setup and signaling protocols has focused on the Session Initiation Protocol (SIP), due to the ubiquity and widespread adoption of this protocol. However, a number of other protocols and protocol suites are in use in many organizations and have been adopted by many of the VoIP vendors. Some examples of these protocols are Cisco’s Skinny Client Control Protocol (SCCP or…
Squeeza: The SQL Injection Future?
During our talk we demo’d squeeza.. We will link to the slides and .ppt as soon as we can, but have been getting a few requests already for the code, so here it is.. For those who missed the talk, squeeza is a SQL Injection tool, that once given an entry point can simply a bunch of things. Its the first tool i know of that facilitates full binary file…
Late BlackHat Update..
ok.. so im in my room finally catching up on sleep (or will be in a few minutes) while most people are finishing Microsofts booze at the PURE microsoft party.. BlackHat is over, which means tomorrow we are off to the riviera for defcon.. Marco and i got a lot of positive feedback from our talk, including from guys like rob auger of wasc fame and andrew bortz who we…
BlackHat Progress Report
(always wanted to say that!) 2 SensePost Training sessions are over, and as i type The weekday sessions are at about 50%. Feedback so far has been pretty cool and its been fun to meet new people / bump into some old friends.. The next “biggie” on the horizon is Wednesdays talk.. We have had a fair bit of interest so far and even though the slot has some stiff…
BlackHat, DefCon, Las Vegas
Ok.. so the 2nd plane with SensePost’ers has touched down in LasVegas and the first cheeze-pizza from the caesars food court has been consumed.. So little changes in caesars that it always adds to the surreal feeling that lasts for the entire stay.. We will be in the training rooms over the weekend, and during the week, and will then give our bh-talk, before moving to defcon for the talk…