https://systemoverlord.com/tags/black-hat.htmlRecent content in Black Hat on System OverlordHugoen-usdavid@systemoverlord.com (David Tomaschik)david@systemoverlord.com (David Tomaschik)Tue, 09 Aug 2016 00:00:00 +0000https://systemoverlord.com/2016/08/09/hsc-part-i-hardware-hacking-with-the-hardsploit-framework.htmlTue, 09 Aug 2016 00:00:00 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2016/08/09/hsc-part-i-hardware-hacking-with-the-hardsploit-framework.html<p>Just returned from Hacker Summer Camp (Black Hat, BSides LV, DEF CON) and I&rsquo;m exhausted. 10 days in Las Vegas is a <em>lot</em> of Las Vegas, even if you don&rsquo;t spend a lot of time at the slot machines, table games, and shows.</p> <p>My week started off with a training class at Black Hat: <a href="https://www.blackhat.com/us-16/training/hardware-hacking-with-hardsploit-framework.html">Hardware Hacking with the Hardsploit Framework</a> taught by a couple of guys who clearly knew their hardware. I&rsquo;ve previously taken Xipiter&rsquo;s <a href="http://www.sexviahex.com/">Software Exploitation via Hardware Exploitation</a>, which helped with some of the basic concepts, but the two classes were definitely complimentary. SexViaHex predominantly focused on dumping firmware from embedded microcomputers (that is, they had a kernel, typically Linux, and were running applications on them) and analyzing them for exploitable software vulnerabilities (mostly memory corruption-esque issues). HH with Hardsploit, on the other hand, mostly focused on microcontroller-based embedded devices. This was much more a class of dumping flash to locate stored secrets, understanding the hardware of the device, and working from there.</p>https://systemoverlord.com/2014/08/13/def-con-22-recap/Wed, 13 Aug 2014 05:45:33 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2014/08/13/def-con-22-recap/<p><img src="https://systemoverlord.com/img/blog/badges.jpg" alt="Conference Badges"></p> <p>I&rsquo;m back and recovering with typical post-con fatigue. This year, I made several mistakes, not the least of which was trying to do <a href="http://www.bsideslv.org/">BSides</a>, <a href="https://www.blackhat.com/">Black Hat</a>, and <a href="https://www.defcon.org/">DEF CON</a>. Given the overlapping schedules and the events occurring outside the conferences, this left me really drained, not to mention spending more time transiting between the events than I&rsquo;d like.</p> <h3 id="bsides-las-vegas">BSides Las Vegas</h3> <p>B-Sides was a blast, but I spent most of the time I was there playing in the Pros vs Joes CTF run by <a href="https://twitter.com/dichotomy1">Dichotomy</a>. This is a particularly nice Capture the Flag competition, since it&rsquo;s based on defending (and attacking) &ldquo;real world&rdquo; networks, rather than the typical Jeopardy-style &ldquo;crack this binary&rdquo; competitions. Most of the problems seen in the real world aren&rsquo;t, in fact, 0-day produced by talented hackers, but in fact configuration weaknesses, outdated software, and insecure practices exploited by script kiddies. PvJ forces you to consider how to harden a &ldquo;corporate&rdquo; environment while still providing the same services. You get a Cisco ASA as your firewall, and can reconfigure services as needed to establish your perimeter and secure your systems. On Day 2, you also get to see just how good you are at breaking in, and just how good (or bad) your opponents are at securing their network.</p>