Skip to content

By jaredbird in Uncategorized

Karl Fosaaen will be presenting on Attacking iOS Apps with Proxies at the November 14th DC612. This presentation will cover the basics of attacking iOS applications (and their back ends) using a web proxy to intercept, modify, and repeat HTTP/HTTPS requests. From setting up the proxy to pulling data from the backend systems, this talk will be a great primer for anyone interested in testing iOS applications at the HTTP protocol level. There will be a short primer on setting up the intercepting proxy, followed by three practical examples; showing how to intercept data headed to the phone, how to modify data heading to the application server, and how to pull extra data from application servers to further an attack. All of these examples will focus on native iOS apps (Game Center and Passbook) and/or functionality (Passbook Passes).

Karl is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care, and hardware manufacturing. Karl specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at THOTCON and a swag goon at DEF CON.

Agenda:

6:00PM-6:30PM – Get in, get drinks and food ordered

6:30PM – Karl Fosaaen – Attacking iOS Apps with Proxies

Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413

By jaredbird in DC612 Meetings

For the October DC612 meeting, Spenser Reinhardt will be presenting a talk recently given at Nagios World Conference 2013. It is specifically related to securing and hardening a Nagios core or XI server, however will be abstracted somewhat to work with linux in general and generic questions are welcome. Bring your questions on linux hardening and ways to better improve your security!

Agenda:

6:00PM-6:30PM – Get in, get drinks and food ordered

6:30PM-???? – Spenser Reinhardt

Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413

By jaredbird in DC612 Meetings

This month we are going to have a project night as well as discussions about the conference last month. If you have a project you want to work on, or have a project you just want to show off, bring it in. As always, anyone and everyone are welcome.

Agenda:

6PM-??? – Project Night / DEFCON Recap

See you Thursday!

-DC612

Hack Factory is located in the Seward neighborhood.

3119 East 26th ST

Minneapolis, MN 55418.

http://dc612.org

http://twitter.com/dc612

http://groups.google.com/group/dc612

By jaredbird in Uncategorized

This month we are going to have some informal discussions about the Defcon conference coming up in a few weeks in Las Vegas. If you plan on attending Defcon, or just want to come hear about how great of a conference it is, come and join in on the discussions about who to see, what to do, what to bring, what not to do, etc.

Agenda:

6PM-??? – Pre Defcon Discussions

See you Thursday!

-DC612

Hack Factory is located in the Seward neighborhood.

3119 East 26th ST

Minneapolis, MN 55418.

http://dc612.org

http://twitter.com/dc612

http://groups.google.com/group/dc612

By jaredbird in Uncategorized

The payload from the balloon launch last October was found on June 1st. A guy in Wisconsin was hunting on his property when he spotted the styrofoam cooler. It was found at approximately 45.175661,-92.034424. He called my cell number which had been attached to the side of the cooler. He said it “stuck out like a sore thumb in the trees.” He also said the payload and equipment inside was “destroyed”, but was able to retrieve the SD card from the camera and mailed it to me. The full length unedited video can be found at http://www.youtube.com/watch?v=o_JOcD3BYKM. We learned several good lessons including using a better cell phone carrier to track the payload and as seen in the video, better stabilizers are needed for the next attempt. I suppose it would also be a good idea to wait for a clear day next time around….

- Jared