Archive for the 'Rochester 2600' Category

Actionable Visualizations And Silo Breaking

Dec 12 2015 Published by under Intelligence,News,OSINT,Rochester 2600

This post on hackernews got my attention. It’s an IoT-based visualization showing your activities and health metrics. It’s very flashy and interesting looking, like something you’d see in an episode of CSI Cyber. The term “actionable” I’ve usually applied to government types discussing the latest threat intel, but we can also take it to apply to our visualizations.

Actionable visualizations should provide the viewer with brand new information that could not have been easily concluded before. This was a common problem with threat intel practices in years past. You would collect tons and tons of information, render it into a beautiful graph, and then look at it and go, “Yup, there’s a graph of all the stuff I already knew.”

Street Corners

Along the lines of circular information collection, I’ve always thought that one of my generation’s problems is how easy it is to never have to listen to disparate positions. I’m able to hide in my corner of the Internet and learn about only the things that I need, and you sit in your corner and we never have to interact. It’s a perspective I took away from the book, Amusing Ourselves To Death.

In my city, like your city, there are lots of different meetup groups and interest meetups and meetups related to meetups. We have programming language groups, maker groups, security groups, whatever, and they all operate in their own “silos,” to take a corporate reference. There are a few outliers that will cross-pollinate by visiting each of the groups when possible, and we consider them community advocates.

Where am I going with this?

I’m part of a few groups that will often throw events. We’ll do classes or social events that are open to the public and we want to get the word out but you know what, I just end up telling my own silo about an event that they already knew just like the IoT visualization that tells me what time I ate dinner. How do I stop telling people (and myself) about information that we already know?

Thus, my foray into visjs to attempt to apply some of the threat intel type relationship modeling (like Maltego) to community outreach. The goal, just as social media analysts and intelligence operatives do, is to identify “key influencers” in the area. I’m trying to identify the various active communities to make sure that they’re involved when trying to do outreach.

Silo Sociogram

To self-criticize using my beginning premise, this is far from actionable at this point. I haven’t learned anything that I did not already know. I’ve sent out a comment to a few friends to try to expand this to get their perspective on relationships and see if 2600, Interlock, and other community groups might be able to try to break out of their own circular communications.
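The relationship modeling described above, as an added example that is not part of the original post and not the author’s visjs code: a small sociogram in the node/edge shape vis.js consumes, plus three scores that a picture alone does not give you (who bridges the most groups, which group pairs hang on a single person, and which groups are true silos). Every name and membership in the `people` list is constructed for illustration; the group names echo those in the post but the memberships are made up.

```javascript
// Added example (not the original post's code). Constructed sample data:
// each person lists the community groups they attend. Names and memberships
// are invented for illustration.
const people = [
  { id: 'antitree', groups: ['2600', 'Interlock', 'BSidesROC'] },
  { id: 'bob',      groups: ['2600'] },
  { id: 'carol',    groups: ['Interlock', 'Makers'] },
  { id: 'dave',     groups: ['Makers'] },
  { id: 'erin',     groups: ['PyUsers'] },
  { id: 'frank',    groups: ['PyUsers'] },
  { id: 'grace',    groups: ['2600', 'Interlock'] },
];

// Build the { nodes, edges } arrays vis.js expects: one node per person, one
// node per group, and an edge for every membership.
function buildSociogram(people) {
  const nodes = [];
  const edges = [];
  const seenGroups = new Set();
  for (const p of people) {
    nodes.push({ id: p.id, label: p.id, group: 'person' });
    for (const g of p.groups) {
      if (!seenGroups.has(g)) {
        seenGroups.add(g);
        nodes.push({ id: g, label: g, group: 'community' });
      }
      edges.push({ from: p.id, to: g });
    }
  }
  return { nodes, edges };
}

// Map each unordered pair of groups to the people who belong to both.
function groupPairContacts(people) {
  const contacts = new Map(); // "A|B" (sorted names) -> [person ids]
  for (const p of people) {
    const gs = [...p.groups].sort();
    for (let i = 0; i < gs.length; i++) {
      for (let j = i + 1; j < gs.length; j++) {
        const key = `${gs[i]}|${gs[j]}`;
        if (!contacts.has(key)) contacts.set(key, []);
        contacts.get(key).push(p.id);
      }
    }
  }
  return contacts;
}

// Key influencers: people ranked by how many group pairs they personally connect.
function bridgeRanking(people) {
  return people
    .map(p => ({ id: p.id, bridges: (p.groups.length * (p.groups.length - 1)) / 2 }))
    .filter(r => r.bridges > 0)
    .sort((a, b) => b.bridges - a.bridges || a.id.localeCompare(b.id));
}

// Fragile links: group pairs whose only overlap is one person. Lose that person
// and the two groups stop hearing about each other's events.
function singlePointsOfContact(people) {
  const out = [];
  for (const [key, ids] of groupPairContacts(people)) {
    if (ids.length === 1) out.push({ groups: key.split('|'), person: ids[0] });
  }
  return out.sort((a, b) => a.groups.join('|').localeCompare(b.groups.join('|')));
}

// Silos: groups none of whose members attend any other group. Outreach sent
// only to your own circle never reaches these at all.
function siloGroups(people) {
  const all = new Set();
  const reachable = new Set();
  for (const p of people) {
    for (const g of p.groups) all.add(g);
    if (p.groups.length > 1) for (const g of p.groups) reachable.add(g);
  }
  return [...all].filter(g => !reachable.has(g)).sort();
}

// Stand-alone run: print the parts a viewer cannot read off the picture alone.
if (typeof require !== 'undefined' && require.main === module) {
  const { nodes, edges } = buildSociogram(people);
  console.log(`${nodes.length} nodes, ${edges.length} edges`);
  console.log('bridges:', bridgeRanking(people));
  console.log('single points of contact:', singlePointsOfContact(people));
  console.log('silos:', siloGroups(people));
}
```

The `nodes` and `edges` arrays drop straight into `new vis.Network(container, { nodes, edges }, options)` in a browser; the three scoring functions are what turn the drawing into something actionable, since with this data the picture shows seven people and five groups, but only the scores tell you that PyUsers is unreachable and that Makers is one person away from becoming a silo.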

New Year Review – 2014

For a few years now, I’ve been stating my plans for the rest of the year, and reviewing how the previous year went. Here’s the review:

Last Year

Major Con Presentation

One of my goals was to be accepted into a “Major Con” for some definition of that word. This year I presented at Derbycon, GRRCon, Defcon Skytalks, BSides Detroit, and the Rochester Security Summit. I will say that my moon shot was to be accepted into 30C3 but I was aptly turned down.

Intel/OSINT/OPSEC Project

This intel/OSINT/OPSEC topic has bugged me for a few years now and, thanks to Edward Snowden, I think I chose a good year to work on it. I put a ton of research time into formalizing what an intelligence gathering campaign would look like, and even implementing it. I even wrote some tools to help me get the job done. I presented my research at GrrCon, RSS, and BSides Detroit. I’ll admit, it’s a bit of a fluffy, opaque subject to talk about, which is why I really wanted to do the research and be done with it. The output from the research is just some new tools in my arsenal.

Hardware Hack into a PCB

Last year, although I was messing around with my hardware hacking project (that I was asked to take down), I never moved it from a proof-of-concept breadboard to my own custom circuit. This year, I was able to build a couple of circuits and get them fab’d. But I didn’t design them, so I still think that’s cheating. Going through the process of loading an Arduino with AVR software was a big enough step.

iButton Door System


This was a failure. Some of us still talk about it, but I didn’t build an iButton door system. I have all the hardware and Raspberry Pis to do it, I just haven’t put the time in.

Mannequin

My poor mannequin has been around for years. I’ve chopped her head open and loaded her up with an xbee controlled arduino, I’ve made her my T-Shirt model for BSides Rochester, but this was to be the year of her demise. I accomplished this in a fantastic fashion though using Tannerite – an explosive that we packed inside of her.

3D Printing A Model

This was just a fail. I didn’t print anything really. We used a 3D printer to make the badges for BSidesROC this year, but I never actually went through the process myself.

Unplanned Accomplishments

There have been some interesting unplanned accomplishments this year:

  • Becoming a minister and performing in someone’s wedding ceremony
  • Going to Korea, twice
  • Building a silicone brain
  • Having a thermite party to destroy all of my old media
  • Operating a back hoe
  • Receiving my first DMCA request

Next Year

Grown-up Things

This is the year I know I’m going to have to, and want to, do some of what I would call Grown-Up Things. Things that aren’t necessarily about complete full-blown chaos and fun. One being learning about how businesses work, forming an LLC, and paying attention to financials. There are some other things, but where’s the fun in discussing that. I just know that this year will be filled with a lot of “Adult” opportunities.

Crypto

Although I have a decent understanding of crypto, I’d like to put some time in and develop this into a skill. A friend of mine is taking the Stanford Cryptography class and I’m hoping we can learn that together. But beyond that, I’d like to apply it to some actual research. Maybe doing some basic crypto audits of something like BitMessage. I’ll never be a cryptographer, but I’d like to be able to identify and exploit poor cryptographic implementations.

Development

I have a decent ability to make something in Python, but it’s all scripting. I’ve never taken a class or anything that would give me any kind of structured development style. My goal for this coming year is to further build my development skills beyond just scripting and hacking things together. Ideally I’d like to join a development team on a project of some kind.

Bitcoin

Gah – Bitcoin… when I say it out loud it sounds so stupid. But this year I’ll be putting time into learning how the bitcoin protocol works, the community that supports it, and slightly riding the roller coaster as it goes up and down. Last year I was doing intelligence when Edward Snowden released all his intel; this year I may be doing Bitcoin when we watch the first cryptocurrency become regulated.

Hardware RE

This year hasn’t taken me into much hardware reverse engineering lately. I’ll be looking for an interesting project to spend some time on.

Embedded Security goes to Rochester 2600

Mar 04 2013 Published by under Embedded Security,Hardware,Rochester 2600

This is a presentation I gave about embedded security at the last 2600 meeting. It is mostly just referencing other people’s work, like Joe Grand and Travis Goodspeed, who are embedded security gods.

RIT ISTS Red Team

Apr 01 2012 Published by under News,Rochester 2600

Here is a brain dump of what happened this weekend at ISTS 9, SPARSA’s Information Security and Talent Search. A bunch of the people from 2600, Raphael Mudge, Punkrokk, Joe, Gerry, and others were part of the Red Team.

Define:ISTS

The event worked like so: There were 13 Blue Teams, the groups competing in the event. Their job was to take the 5 servers that they were given, run specific services in order to get points, and, something a little different from other competitions, hack into other groups for points. If you do this, you receive points that are tracked throughout the weekend. Finally, there were challenges to be performed that were worth more points.

I really like this style for students compared to CCDC or other types that attempt to give competitors the simulation of running an enterprise network. These competitions will force competitors to stand up services, defend against attacks, and write up little reports that explain how the attackers got in and their remediation plan. This is a great simulation for real enterprise environments for students looking to get into a career as a systems administrator, but ISTS gives you a chance to show off your security skills, even the offensive ones.

Day 0:

Friday, students fill up the GCCIS auditorium and the mood is really light. Teams are wearing silly hats, and the group that won last year is feeling pretty confident that they’ve earned some cred to be there again. The red team is stalking in the corner, marking its prey. SPARSA goes over the rules, hands teams their packets, and lets them know how the next day goes. Each of the teams has the rest of the night to go home and build up their attack boxes as VMs. That’s right, they’re allowed to bring their own VMs, just to attack other players.

The next morning, we arrive at RIT to meet the red eyed SPARSA members who have been working through networking issues all night.

A side note about the network this year: it was very well done. This may seem like a silly thing to note, but seriously, when you have almost 100 people pummeling each other over the network, issues will occur. Compared to other years, there were very few issues. Last year we were out of a connection for a long time. This year there may have been a blip here and there, but it was quickly remedied.

The battleground is RIT’s Innovation Center. If you’ve never seen this thing, it’s like something you’ve seen in Swordfish or the Matrix. The walls are all glass, including the partitions inside the space itself. The Fish Bowl is slathered with power plugs, ports, projectors, and preposterously plush amenities.

May The Odds Be Ever In Your Favor

Let me make sure I explain the insanity of the first 30 minutes. Blue teams walk in with their own VMs loaded up with whatever scripts or automated attacks they want to launch. That’s every team of 5 people, ready to kill the other 60 players, with all kinds of attacks. And then there’s Raphael, prepped with his Armitage server, automated scripts, and a big smile on his face.

If I were competing, I would have chosen a tactic for the first part of the event, just like The Hunger Games. If you’re going to battle ninja v ninja, you had better make sure your weapons and foo are strong or you’ll end up a bloody pile of empty dreams. If you’re relying on a strategic victory, you may decide to focus your energy on protecting yourself from others’ attacks; I call this the run-into-the-woods strategy.

Let me also just say, that the Red Team had no special information related to the event… though we tried. In fact, in some ways, the Red Team is not necessary because all the other teams are already breaking into each other.

We let the students trickle into their stations and the battle begins. We are just scanning subnets when Raphael announces “I have 10 shells!” His scripts have automatically installed meterpreter sessions that are phoning home. His persistence scripts automatically make sure that we can come back to these accounts later. The rest of the red team is destroying boxes, the same as what the Blue Teams are doing to each other.

Let’s be honest, the best part about being on Red Team is messing with the other teams. The Blue Teams all started with VNC open, which made for some hilarious hacker watching. The first was one team that put all their attack scripts on their desktop. This was actually a pretty cool attack script: a reverse shell that automatically tweeted a user’s password when they owned a box. Follow ISTS Tweeter to see the fun they had.

The other one was a group that decided to plug in a drive that contained a lot of personal information, including a resume. We passed the file to a nc listener that Justin Elze had running on his machine and printed it out to hand deliver to the group. One team member figured out how to break into a box and trick a hard drive into having a single sector. No seriously. This is pretty awesome. The box was never heard from again. It couldn’t be reformatted. Raphael had some fun with one team’s SMTP server and a VNC payload. I’m sure that video will show up somewhere soon.

UPDATE 4/1/12 8pm: Video is up

What’s Next

I usually come to the same conclusion after every year which is “damn, I wish I had planned for X.” I think this year, the conclusion is that, “damn that was fun. Let’s do this more often.”

Interlock has recently been donated a bunch of really good equipment. One of the servers has 20G of memory and lots of hard drive space. We’re going to be setting up a proper Warzone that will allow us to run these types of events whenever we want to. I’m going to rely on the other 2600 people to get something cool set up.

Rochester 2600 Meetings: WTF

Feb 03 2012 Published by under Rochester 2600

Every month we do the 2600 meetings. Lately I send out this ridiculous email to my circles and social networks explaining a theme of the meeting. It looks something like the one I did for January:

Only 12 months away from the end of days where the Earth’s polarity will completely flip causing server faults to erupt with hot Java and spew volcanic bash. Sudonomies will destroy cities and cause packet storms. 2012 will mark the return of the Carriage causing lines to break all over the world.

This month’s pre-apocalypse meeting will cover topics completely unrelated to your apocalyptic survival. In fact, the skills learned will most likely be completely useless in the face of actual danger. These are the presentations that are happening this month. The titles do not represent any of the subject matter nor the presenters names.

0) Antitree: Things I Learned By Not Attending 28c3
1) Algorythm: Why My SSLScan is Better Than yours
2) Punkrokk: Would You Like To Ride My Pwnie (Pwnie Plug talk)
3) SecCaoBoi: Mopping The Network With a WPAD Attack
4) JewNinja: XSS Attacks: Finding A Hole In a Brick Wall

Doors open to the public at 7pm.

The 2600 meeting is a copyright of Emmanuel Goldstein and his band of merry hackers. All usage of the 2600 name and logo is directly prohibited without the direct written consent of Captain Crunch. The world may not end in 2012 but it is up to the user to kiss his or her own ass goodbye prior to any apocalyptic event. Ass kissing assistance will not be provided in any case. Members are prohibited from attending meetings. Requests for membership can only be made if you are an existing member and in good standing with Heidi Potter and a resident of the great state of Alaska.

First of all, I recognize how this is very frightening to most. I’ve seen responses like “Where do you get your drugs” or “who the eff is this guy?” Punkrokk showed this to Heidi Potter (the organizer of Shmoocon) and I’m sure it raised an eyebrow. So to explain why I do it, here it goes: I don’t know – it makes me giggly.

Non-Members Meme

The random emails have had a consistent reference to how members of 2600 were not invited and you had to not be a member to get in. This came from whenever someone asked me about 2600, they would say “How do you become a member” or “How many members do you have.” To me this was a sign that they had never been to a 2600 meeting and, as Zach Fasel said to me at my first 2600 meeting ever: “Newb.” Of course I’m supposed to say there’s nothing wrong with that, blah blah blah, but it was another opportunity to have an inside joke with people that had been to the meetings. So all the references to “Non-members only” were my joke to myself (albeit not even that funny), mostly to entertain myself when only 4 people came to meetings.

What’s also funny is that people at the hackerspace, where we hold the meetings, took “non-members only” to mean that Interlock members were not invited to the meetings which made me laugh as well.

So look at me and my hilariousness. Aren’t I so funny! I’ve created inside jokes that have grown out of control. There. Done.