Uncategorized

Thursday, June 13th – 6:12pm @ Discord

Written by  on June 7, 2024

Hello Hackers!

This month we are joined again by @TactiFail who will be giving us an intro to game hacking:

Nobody wants to pentest yet another e-commerce web app.

Everyone wants to hack <insert your online game of choice here>.

In this talk we will take an entry-level look at two game-hacking techniques. A Unity game-in-progress I am working on (shameless self plug) will be the target. I’ll briefly go over how Unity games are laid out, demonstrate the game mechanics, show two methods you can use to introduce a hack, and implement a (admittedly naive) defense mechanism to detect it and kick an offending user.

I am TactiFail. I have a vague association with DC612 and sometimes I hack things.

Meeting will be on Discord. If you need an invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, May 9th – 6:12pm @ Discord

Written by  on May 9, 2024

Hello Hackers!

This month we are taking a quick look at fuzzing C# projects using SharpFuzz with @TactiFail:

Fuzzing projects is a great way to trade time for vulnerabilities. There is only so much we can test manually, so taking a “throw everything at it and see what sticks” approach can yield some cheap and easy wins. In this talk, we will go over a brief introduction to fuzzing, and then follow along setting up a test harness for a real-world project.

I am TactiFail. I have a vague association with DC612 and sometimes I hack things.

Meeting will be on Discord. If you need an invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, April 11th – 6:12pm @ Virtual

Written by  on April 2, 2024

Hello Hackers!

This month we continue the wireless trend with a talk from @r1otctrl titled “Warwheeling: The Wireless Sk8r”:

Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we’ll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.

Hi! I’m Riøt, SOCC analyst by day, warwheeler by night. My hacker circles are the #Wardriving group on WiGLE, DCG561/305 & Boca 2600. My Onewheel peoples are SoFlow, Float Gang, & Orlando Onewheel. My favorite form of touching grass hands down is going out on long rides on the Onewheel. It gives me a challenge to stress test wardriving rigs that can survive the elements when I’m out exploring. Still very new to RF but the past year has all been a learning period of what works and how to squeeze out every AP while trying to stay lightweight. Over the past year posting on my IG warwheeling content I have found a few others that also prefer this method of wardriving so it’s slowly growing trend wise lol.

Since the last talk went well over Discord, and after some discussion, we will be hosting meetings there going forward. We’ll still need to work out a system for people to view/participate without a Discord account, so maybe that will mean a simulcast and setting up Twitch or something. That’s how Defcon did it for the first remote-only con, but if anyone has any better ideas we are all ears. We’re also looking into recording talks (assuming the speaker is okay with it) so who knows, maybe a YouTube channel is in the future.

If you need a Discord invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, March 14th – 6:12pm @ Virtual

Written by  on March 13, 2024

Update: We are having some technical difficulties with the Jitsi server which just started a moment ago. As a backup, please join us in our Discord server until we can figure out what’s up: https://discord.gg/jKVBVtmk

Hello Hackers!

We are happy to be joined again by @lozaning! Did you make sure to floss and brush? Because if not, they’ll know:

The talk is on the process and tools used to create the first ESP32 self replicating worm in a commercial product, aka the toothbrush botnet. We’ll cover dumping the original firmware, some light RE, the way that ESP32 over the air firmware updates work, setting up a dedicated wifi network to perform MITM attacks, the challenges of creating self referencing firmware in a resource constrained platform, as well as some in process work to automate finding new devices that use the same chips by scraping the FCC’s website.

As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Calling All Speakers!

Written by  on February 21, 2024

Are you interested in speaking at DC612? If so, let us know!

We are always looking for speakers, from the seasoned vets to the newcomers. If you are passionate and knowledgeable about something, we want to hear from you. You don’t need to be an expert either, in fact we like hearing from people who are sharing what they are learning now (as long as the info is accurate, of course).

What do we look for? Honestly any hacker topic is fine. Defcon is a hacker conference, not a computer security conference strictly, so as long as your subject matter would be of interest to other hackers, we’d love to hear it!

If you are interested in speaking (or know someone who is), please fill out this Google Form and we will be in contact: https://forms.gle/yYji2bFoqQRdt3Xj6

Note that there is no need to have or use a Google account for this, but if you prefer to reach us by other means you can:

and include the following info:

  • Name / Handle
  • Talk Title
  • Talk Abstract
  • Speaker Bio
  • Availability
  • Are you okay with the talk being recorded?
  • How do you prefer questions to be handled?

We meet the second Thursday of each month at 6:12 PM U.S. Central Time, virtually on our Jitsi Discord server (invite link). We used to meet on Jitsi but ran into some limits with that. If you are unable or unwilling to present over Discord, please reach out and we will try to figure something out.