-atlas wandering-
Bloggorama for breaking things

Wed, 21 Jun 2006

Correction!

We have been talking with Sk3wlMaster from the Sk3wl0fR00t, who we deeply respect, and are fortunate enough to be on good terms with, and it seems my comparison of Pwnage500 times is a bit skewed. It appeared to take Sk3wl about 20 hours but in reality it took Sk3wlMaster about 8 hours. I mentioned that it took us 4 hours, but given a relocation lag (and food), it would have appeared to take us 6 hours. Still, drb and wrffr compared to Sk3wlMaster at those times is *really* impressive! Sk3wlMaster is one of the greatest bughunters I know.

My apologies to them for the misrepresentation. For those of you who think this may be minor, please consider the amount of respect required for these guys... and you'll figure out why I made this announcement, rather than simply fixing the numbers.


Month of Madness

Wow! Talk about a crazy month!
A little over a month ago, I had to put the network appliance upgrade on hold. I made it to release candidate 0. Not a bad worth of work.
However, about a month ago I started heavily preparing to teach a class for SANS. Which one? Of course, Ed Skoudis' famous SANS 504: Hacker Techniques, Exploits, and Incident Handling. So, on June 5th I was on. The most difficult, most gruelling 6 days of back-to-back teaching I've ever done. Day one covers the foundations of handling security incidents. While probably the least sexy, one of the most valuable since very few are skilled at the art of incident handling. The next four days are spent detailing the cyberattack process, with popular examples at each step. We cover everything from Googlehacking to Rootkits, and of course three of my favorite toyz: Nmap, Netcat, and Metasploit Framework. Choops go out to Fyodor, Hobbit and the msf team for their contributions to my entertainment/addictions. On the sixth day the students are put through their paces in a capture-the-flag style hacker challenge. No, we don't make them write their own sploitz :) but they are forced to determine weak points, exploit them and think about how to leverage each completed goal to attain the next. It's very kewl.
It was thrilling and enjoyable to see my students catch on and get clued in on the battlefield that is cyber-attacks. The threats live on all sides, and they got that. When I explained BOF's I was surprised to see very few heads explode! Actually, most of them had a look of concern and understanding... w00t!
One of the most interesting things about the class was the involvement of law enforcement. I'm faced all the time with rumors and humor about how ill-equipped law-enforcement is at dealing with cybercrime. While I'm still of that opinion based on limited resources, etc... I now have hope that the ones who get it, get it. I got to hang out with some of (probably all) the top minds in Michigan's cyber-cops. Most of them did a lot of forensics (way cool) and they all had a good head on their shoulders... although I'm frightened about how they "obtain" new hardware for the department. :) Makes me not want to get arrested!

While the class was a success and definitely a high....


defcon quals hit (oops, I almost said "next").... the night of day 5. Friday night at 10pm we started the challenge that was defcon ctf quals. That meant that I had to actually sleep (I got at least 3 hours) and spend 10 hours away from my team while I taught day 6, etc.... It was murder, but I was able to stay focused on my class... h311 for me, anyway. My team continued wrockin the whole time. My head was so woozy from teaching all week that I really wasn't much help. We made it all the way through the challenges and got a near perfect score (my bad on that, sorry guys). We were one of only three teams that finished the game, answering all questions. My team then posted the summary of the challenge here

Wow, I'm blessed with an incredible team. That is my choops from quals. I got to walk away knowing that I hand-selected that amazing team. Each of our team members contributed a substantial amount. Everything from building and providing virtual machine OS builds to google research, to team communications, to pickin' up McD's. Here are a couple highlights for me from quals:

* drb and wrffr nailing Potent Pwnables for 500 in four hours (our naval compatriots took about 20 hours)
* Watching (virtually) as drb hacks together code that enables ssldump to decrypt RSA/AES/HMAC tcp streams (Forensics 500)
* psifertex earns his name by brute force cracking a crypto algorithm from BASH! (Binary Leetness 400)
* After much bumbling, I got to finish off the game by nailing Leetness 500 by snagging some decrypted text out of process memory

The team seemed to "get" the whole teamwork thing. Each mate came to the table with everything they had, eager to make things happen... and they did.

Rock on, 1@stPlace.

atlas proves his doof again...


Well, as if there was any question.... I'm an idiot.
Last Wednesday I decided on the best price for airfare to defcon. An airline called Allegiant Air was around $120 each way from Lansing to Vegas. I bought tickets leaving July 27th and coming back the 30th... that would give me Thursday to get settled in, etc...
Bad news. Friday I figure out that dc14 is August 4-6.... I got those cheap tickets for the WRONG WEEKEND! I called the airline and was told that I'd have to spend an additional $200. $100 for price increase, $100 in "change fees". I asked for a supervisor and was told that they would have one call me.
Friday night, nothing
I called back on Saturday... same deal. They won't help me, and my request for a supervisor was met with the same promise.
Saturday night, nothing
Like a good father, I let Sunday come and go without calling.
Monday rolls around and I call again. This time I get a supervisor right off the bat. *Extremely* nice lady. Very understanding... Still, I pleaded for all I was worth... admitting my stupidity and throwing myself at her mercy (rightfully, I might add). She very nicely waived the fees. I still had to pay an additional $100 because the August weekend rates were higher... but it's the same price that intelligent people were paying :)

Enter the good news:
The email which indicated my error started out like this:
Congratulations! DEF CON is pleased to accept you as a speaker at DEF CON 14.

To see when you are scheduled to speak, check the schedule at:
http://www.defcon.org/html/defcon-14/dc-14-schedule.html
To make sure your topic, abstract and bio are correct, go to:
http://www.defcon.org/html/defcon-14/dc-14-speakers.html


Another email followed, including the following:


See ya in Vegas!
atlas
