Uncategorized

Thursday, July 11th – 6:12PM @ Wilde Cafe

Written by  on July 4, 2019

Hello Hackers!

This month, our last before we take a break for DefCon proper, we will enjoy a presentation by Gabe Thompson (@grnbeltwarrior) entitled “All your RF belong to us – Not just another RTL-SDR 101 talk”. In his own words:

While not another 101 talk, I’ll hit the high points of RTL-SDR hardware. Then hit some software that comes in handy when looking for interesting radio frequencies. Focusing on gqrx, an open source software defined radio, we will look into what some of the common frequencies look like in the waterfall (AM/FM and finally POCSAG/FLEX). Short definition of what FLEX and POCSAG are and what they are used commonly for. Show how to identify these in the waterfall and some common ranges for them in North America/United States. Lastly go into demonstrating finding them using gqrx, rtl-sdr dongle and other software to display messages.

Sounds exciting, and is definitely something I have wanted to learn more about.

And one more time, a reminder that we will *not* be meeting at Wilde Cafe in August since many of us will be in Vegas for DefCon. We might organize a meetup there and post something, TBD.

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, July 11th 6:12PM

Thursday, June 13th – 6:12PM @ Wilde Roast Cafe

Written by  on May 30, 2019

Hello Hackers!

This month we have two minor updates to get out of the way before we get to our speaker:

  • The name of the venue apparently changed from “Wilde Roast Cafe” to just “Wilde Cafe” somewhat recently so we’re changing the post titles and details accordingly. Hopefully this helps clear up any confusion as to where we actually meet 🙂
  • At our last meeting we were asked the age-old question of “When does DC612 actually start?” and I gave the age-old answer of “Some time between 6 and 6:30 but it really depends on traffic and weather.” Someone suggested we start at 6:12 and dammit that’s just what we’re going to do going forward.

That’s it for the updates, now onto the speaker!

Some of you who have been around for a while might remember Spenser Reinhardt AKA @c0mmiebstrd. He was a regular of DC612 until he moved out of state for work, but he’s back visiting this month and will be giving us an overview of the radare2 reversing framework. In his own words:

Radare2 is a free suite of tools for reversing, exploit development, binary diffing and all sorts of things! This month Spenser will take us through a Trail of Bits CTF challenge using r2 and python. If you’d like to follow along, you’ll need a Kali Linux 2019 system or virtual machine, and the files from here: https://github.com/sreinhardt/CTF-Beginners-Guide

I’m excited to have him back, and the subject matter doesn’t hurt matters either – see you all there!

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, June 13th 6:12PM

Thursday, May 9th – 6PM @ Wilde Roast Cafe

Written by  on May 2, 2019

Hello hackers!

This month, DC612 founder David Bryan (VideoMan) will be giving a preview of his upcoming Thotcon talk titled “Goldilocks and the three ATM attacks”. The abstract reads as follows:


Automated Teller Machines (ATM) attacks are more sophisticated than ever before. Criminals have upped their game, compromising and manipulating ATM networks, software and other connected infrastructure. Between having a third-party manage these machines, and ATMs deployed on low-bandwidth links, it’s an inevitable wild-west environment. In this talk I will review three case studies of ATM attacks, showing how they have become more dangerous than ever before. In this session, I will discuss unknown ATM flaws our pentesting team has uncovered while performing testing, the various ways criminals are attacking ATMs, the many security problems that we have identified with ATM systems, and what can be done to prevent these attacks. I will review three case studies of ATMs. One where the ATM security was extremely poor; One where the security was very good but the ATM still fell victim to an attack because we discovered a zero-day in the management software; And one where the security was just right- but its specific deployment had some major flaws that ultimately led to an ATM compromise. In this last case, the attackers side-loaded an application, and were able to run a criminal ring that led to $7M USD in losses.

Exciting stuff – hope to see you all there!

— TactiFail

Where:  Wilde Roast Cafe – 65 Main St SE, Mpls.
When: Thursday, May 9th 6PM  

Monday, April 22nd – 6pm @ Wilde Roast Cafe

Written by  on April 17, 2019

We are back on for April!

DC612 is back on an irregular night (third Monday) but at our regular location (Wilde Roast). Minnesota tried its best to keep us away, but we persisted!

This month we get Blue, with POWER-RESPONSE!

Power-response is a modular, open-source PowerShell incident response framework that allows incident responders to take advantage of robust tools in a consolidated console while conducting the incident response effort. Power-Response takes advantage of PowerShell remoting and uses additional 3rd party tools for data collection and to perform automated analysis with the goal of reducing the time needed to collect and perform analysis on critical data.
Whether you’re Blue Team, Red Team or just craving the gelato, this talk is for you!
Happy Hacking!

— TactiFail (Original post by Kat)

Where:  Wilde Roast Cafe – 65 Main St SE, Mpls.
When: Monday, April 22nd 6PM

Thursday, April 11th – 6pm @ Wilde Roast Cafe

Written by  on April 6, 2019

Update: Unfortunately with the coming storm we have decided to cancel the April meeting. We may reschedule if it works out for our speakers (and the weather), so keep an eye on this channel for more.


Annnnnnd, We’re Back!

DC612 is back on our regular night (Second Thursday) and at our regular location (Wilde Roast).

This month we get Blue, with POWER-RESPONSE !

Power-response is a modular, open-source PowerShell incident response framework that allows incident responders to take advantage of robust tools in a consolidated console while conducting the incident response effort. Power-Response takes advantage of PowerShell remoting and uses additional 3rd party tools for data collection and to perform automated analysis with the goal of reducing the time needed to collect and perform analysis on critical data.
Whether you’re Blue Team, Red Team or just craving the gelato, This talk is for you!
Happy Hacking!
Kat