Defcon 17

Aug 9th, 2009

Comments: 0
Category: Penetration Testing

Defcon 17

So I got across to Defcon this year (and of course security Bsides)
There were several interesting presentations , here’s some notes on some of the ones that I got along to. The CD is up at defcon.org, and you can get the slides for most of the presentations there.
SSL Talks – There were several presentations on ways to bypass or subvert SSL. From my point of view the drive was around 2 themes. The difficulty in correctly parsing SSL certs due to the complexity of the relevant RFCs and also the weaknesses in the issuing processes of some CAs (which is exacerbated by the fact that any CA can issue a “valid” cert. for any domain). Dan Kaminsky’s white paper on the subject is here, Moxie’s blackhat presentation is here and Michael Zusmans’ blackhat presentation is here (the defcon presentations are on the CD linked above).
Metasploit – The Metasploit team had a whole track to themselves on Saturday and there’s a load of interesting stuff in there, basically looks like Metasploit will have some coverage for most types of assessment eventually, which is very handy!
Egypts presentation on client-side attacks with Metasploit had some great content on browser fingerprinting (not just relying on User-Agent) and client side attacks with Metasploit.
The Oracle presentation from mc and Chris Gates had some good content on going through the steps of an Oracle attack purely using Metasploit (more information on this on CG’s blog
Druid had a good talk on the war-dialer that he’s added to the framework (unfortunately the slides for that one aren’t on the CD, but I’d guess that they’ll be around soon). Another interesting thing in the Metasploit track was the demos of the Mac OSX and POSIX versions of meterpreter which are both in active development.
Other Ruby Tools – There was a bit of a theme of ruby tools across some of the presentations. In addition to all the Metasploit stuff, there was a mobile device fuzzer (although the website for it, www.fuzzit.com isn’t up yet). Also there was a good presentation on Dradis from etd , which is a Pen test management and reporting tool written in Ruby and Rails.
Password Cracking – There was a good presentation, from Matt Weir, on approaches to password cracking, speeding up brute-force attacks and picking good dictionary files . There’s more informaton on this one on his blog as well as on the presentation slides.
Router Hacking – FX had some more information on how to create reliable exploits on Cisco devices and the difficulties in doing so (amazing to think that Cisco Maintain thousands of discreete monolithic router builds!). Slides from the Blackhat presentation are here and White paper here
USB Hacking – Interesting presentation from a guy from MWR on how they approached an assignment to assess the security of a USB device and the approaches to fuzzing that they took. Slides are up on their site here

Add a comment

Your email address will not be shared or published. Required fields are marked *