Here are the videos from the second night of the 2013 ShmooCon FireTalks by @irongeek_adc. Amazingly he had these out by ShmooCon closing ceremonies! And don’t forget to check out the Friday night talks as well. Again, you can check out all of these videos (and tons of other great content) over on IronGeek.com.
Drones: Augmenting your cyber attack tool bag with aerial weapon systems
Zac “@ph3n0” Hinkel
The main focus will be on how to build a fully autonomous drone and discuss how easy they are to operate. Additionally, we are going to show you how to use this drone for pen-testing and other fun activities like: surveillance, WarFlying, GSM phone tracking and man-in-the-middle. We are also going cover how to take pictures while airborne and convert them into 3d rendered models, which will be helpful in that next physical assessment. Along with the technical discourse, we will also discuss legal and policy issues that are at the forefront due to this technology. Finally, during the conference weekend, we will demonstrate some of our drone technology and let people who are interested get some hands-on experience planning out flights and operating the controls in a simulated flight environment.
Managed Service Providers: Pwn One and Done
Damian “@integrisec” Profancik
If you work for or use the services of a Managed Services Provider (MSP), you need to attend this talk. MSPs deliver varying degrees of Information Technology (IT) support to many clients. Some range from fully outsourced IT to on-demand assistance. However, one thing they all have in common, due to the nature of the sensitive access they may have, is the risk they can pose to their clients if they are not careful. I will explorer some of these risks and mitigation strategies. Both from the point of view of the MSP and from the consumer of their service. For those that just want to see cool exploits…we’ll have that too.
No Tools? No Problem! Building a PowerShell Botnet
Christopher “@obscuresec” Campbell
What if you didn’t have access to any of your tools? Armed with only a default Windows installation and 30 minutes, lets build a fully-featured bot that can be controlled anonymously and is capable of achieving persistence against nearly any AV product. Not only is it possible, it is easy and you can do it. This talk will show you how learning PowerShell can make you a more flexible penetration tester. Together, we will walk through building the bot, packaging it and deploying it against even the most hardened targets!
Extending the 20 Critical Security Controls to Gap Assessments and Security Maturity Modelling
John “@pinfosec” Willis
The 20 Critical Security Controls are used to create and utilize a tailored methodology for gap assessment and remediation priorization and planning. The Critical Controls for Effective Cyber Defense are then evaluated for use in creating a standardized Security Maturity Model for baselining security posture and future comparison. The presentation is intended to elicit audience feedback and participation in determining the future of such methodologies and models.
Protecting Big Data From Cyber APT in the Cloud
Bill “@oncee” Gardner
Vendors want to sell you magic solutions. The truth is that magic solutions cost money and alone might not provide you with the protection they promise. It’s time we all hide under our desk from vendors and make sure we are working on the only real solution: people, policies, and processes.
Writing a Thumbdrive for Active Disk Antiforensics
Travis “@travisgoodspeed” Goodspeed
We are taught to think of a disk as a well behaved block device, in which little chunks of data are reliably written and read back. This brief but fast-paced lecture demonstrates what fancy and unexpected things can be done when a neighbor controls a disk’s firmware, violating that assumption of a block device’s good behavior. As a concrete example, I’ll present a prototype of a thumbdrive which can reliably fingerprint the intentions of its host, distinguishing between a legitimate user and a forensics lab. In the case of a forensics lab, the disk wipes itself and switches to an innocent image before anything of importance is read. Code and hardware are both open source as part of the Facedancer and GoodFET projects.
Any comments on any of the Saturday night talks? Let us know in the comments below. See ya!