mauvehed came down from Austin to give us an AHA! lesson and show us some physical security stuff. Sciatic demoed some TPM items in Windows. I showed some ways to roll your own OTP system without Azure Rights Management (see: https://github.com/angelovescio/arms and http://theytookmyinterwebs.blogspot.com/2015/08/you-down-with-otp-you-know-me-how-to.html). Also, we moved the SAHA! schedule, so pay attention to the dates […]
[StructLayout(LayoutKind.Sequential, Pack = 0)] public struct IO_STATUS_BLOCK { public uint status; public IntPtr information; } [DllImport("ntdll.dll", […]
extern crate getopts; extern crate redis; extern crate time; use redis::RedisResult; use redis::Value as RV; use […]
Thank you to the CSA group at UTSA for asking me to come and present. Here is a PDF of the slide deck SMT.
I know I’m slow…but that can be good in certain quests. I would recommend the following to accomplish this challenge: Windows VM via Virtual Box or VM Player/Workstation; Ollydbg or ImmunityDBG (IDA Free is an overkill); favorite programming/scripting language (Python, Ruby, PHP, C#, whatever++). The challenge is to download this file > tini.dat < and make […]
Compilation/Debug Cheatsheet for Cygwin (put the NDK and SDK in your Cygwin home dir)
Note for all: Additional include dirs and libs may be required for compilation, depending on the functionality you want to add.
for x86:
client> g++.exe -fno-stack-protector -ggdb -static file.c -o file.exe
client> gcc.exe -fno-stack-protector -ggdb -static file.c -o file.exe
for x64: […]
David’s presentation on SCADA systems Scada Systems
Here’s Porter’s slides on Everrat, Malware cloud C2. EverRAT nullbnx – twitter nullbnx@bnxnet.com http://www.bnxnet.com/2013/04/15/malware-in-the-clouds-everrat/
Nick’s presentation on flashing chips with RaPi over SPI RaPi Flashing
From Scriptjunkie – summary of the red team activity and observations from SWCCDC: SWCCDC Red Team 2013 Twitter: @scriptjunkie1 Website: Scriptjunkie’s site