DefCon 29 Write Up

Defcon 29

I guess this deserves a blog? Whatever. Getting back from the convention I feel like posting about the experience… somewhere. So, here is a handy place to write up what it was like.

First, Defcon is awesome. If you are reading this, and have any positive feelings in regards to the hacker community, attend. It is a hacker mecca. And before you get all upset about my use of the word “hacker” I am using it out of simplicity. I’ve ranted about it before, but for this post, it is simpler to talk about the community as “hackers” and leave it like that.

These are good people. Those who have come before identifying as enthusiasts, hackers, phreakers, and the whole group dynamic. From local groups to the national ones, there are many out there to be a part of. It reminds me of what we are trying to do here. We want to bring people together to learn in a group setting, and from each other find our way in this crazy industry.

I was there with professionals, amateurs, anon, and those that would be happy to network. The one thing that unified us all was the desire to participate. If you are reading this as a member, you already qualify for that part.

I ramble too much it seems… On to the talks I attended (that were memorable).

The Talks

Escaping Containers on a mainframe

The first one was “work” related, in that there are mainframes that I help to maintain at work. It was fun, as the presenters were both entertaining, and they knew what they were talking about. It also illustrated how real-world research is conducted, as they talked about methods, and how they set up the lab. Worth a watch, if you are interested in how teams work to find exploits, if you have any connection to mainframes, or if you want to see how to be entertaining while giving a talk that might have been SUPER boring.

escaping hypervisor on a mainframe

Google Suite Hack

This one was kinda scary, mostly as it dealt with no exploited code, and almost no technical requirements to implement. It went through how to obscure intent with sharing Google Docs, and how that might be used to maintain access beyond even a full system restore. It boils down to the ability to embed Jscript (not to be confused with JavaScript) code in Google documents and then getting your target to follow a link. This is chained to the idea that the applications that are requesting access could be made to look completely legit. A perfect vector for an org that might be “all in” with Google, and be opening links like these as a normal part of daily business.

Google Suite Hack

Breaking secure bootloaders on Android

This one was close to my heart, as I still am wrestling with a locked bootloader on my poor Pixel XL (from VZW) which remains unrooted. (GIMME ROOT VZW!!!) But… this talk put me to sleep. Like, I fell asleep in my chair. I will need to go back to this, and see what is there to be seen, but for now, it is a mystery.

Breaking bootloaders

Final thoughts

Defcon is the hacker mecca. Has been for 30 years now (as of next year). If you are a part of the community, find your way to Vegas at least once in your life in August. You will not regret it.


Thanks for the awesome write-up @wother 🙂


We want more (╯°□°)╯