Thursday, April 11th – 6:12pm @ Virtual

Hello Hackers!

This month we continue the wireless trend with a talk from @r1otctrl titled “Warwheeling: The Wireless Sk8r”:

Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we’ll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.

Hi! I’m Riøt, SOCC analyst by day, warwheeler by night. My hacker circles are the #Wardriving group on WiGLE, DCG561/305 & Boca 2600. My Onewheel peoples are SoFlow, Float Gang, & Orlando Onewheel. My favorite form of touching grass hands down is going out on long rides on the Onewheel. It gives me a challenge to stress test wardriving rigs that can survive the elements when I’m out exploring. Still very new to RF but the past year has all been a learning period of what works and how to squeeze out every AP while trying to stay lightweight. Over the past year posting on my IG warwheeling content I have found a few others that also prefer this method of wardriving so it’s slowly growing trend wise lol.

Since the last talk went well over Discord, and after some discussion, we will be hosting meetings there going forward. We’ll still need to work out a system for people to view/participate without a Discord account, so maybe that will mean a simulcast and setting up Twitch or something. That’s how Defcon did it for the first remote-only con, but if anyone has any better ideas we are all ears. We’re also looking into recording talks (assuming the speaker is okay with it) so who knows, maybe a YouTube channel is in the future.

If you need a Discord invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, March 14th – 6:12pm @ Virtual

Update: We are having some technical difficulties with the Jitsi server which just started a moment ago. As a backup, please join us in our Discord server until we can figure out what’s up: https://discord.gg/jKVBVtmk

Hello Hackers!

We are happy to be joined again by @lozaning! Did you make sure to floss and brush? Because if not, they’ll know:

The talk is on the process and tools used to create the first ESP32 self replicating worm in a commercial product, aka the toothbrush botnet. We’ll cover dumping the original firmware, some light RE, the way that ESP32 over the air firmware updates work, setting up a dedicated wifi network to perform MITM attacks, the challenges of creating self referencing firmware in a resource constrained platform, as well as some in process work to automate finding new devices that use the same chips by scraping the FCC’s website.

As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, February 8th – 6:12pm @ Virtual

Hello Hackers!

This month, we will be joined by Mauddib28 who will be speaking about the exploration of Bluetooth and the pain points encountered along the way:

This talk will be about the pains and victories encountered while trying to get an understanding of the Bluetooth landscape. The exploration of Bluetooth begins with an assessment of the protocol’s basics, the topography of existing toolsets, and a determining of where/how to launch probes of the environment. During this process, the researcher has to discern limitations of the tools and establish initial instruments for explorations. We will review the pain-points perceived along with lessons learned in the development of these skills. The review of the Bluetooth research ranges from scanning/discovery of devices, their enumeration, and their interaction with potential objects. Devices investigated include the BLE CTF, custom made servers, and unknown devices found in the wild. The platform was constructed using Python with the BlueZ and dbus libraries.

Wortman is a PhD in Electrical and Computer Engineering from the University of Connecticut with research that ranged from network analysis to cyber security risk evaluation. He now focuses on Bluetooth protocol and devices research.

As usual, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, January 11th – 6:30pm @ Virtual

Hello Hackers!

Note the time change! We start at 6:30PM instead of the traditional 6:12PM at the request of our speaker, because…

This month, we will be joined by @4lph4V all the way from India (11.5 hours ahead of Central time) who will be presenting his talk titled “Transitioning into Offensive Security”:

This session delves into the practical aspects and challenges faced when embracing an offensive security role. From acquiring essential skills to navigating the evolving landscape, gain valuable insights to empower your transition into the realm of offensive cybersecurity

Vaibhav is an Associate Security Consultant at Securityium, recognized as one of MLH’s Top 50 Most Inspirational Hackers of 2023. Passionate about community building, he spearheads Club TechBrewers, a platform to learn, connect and build with like minded folks. With extensive speaking experience of delivering 15+ talks, Vaibhav shares expertise in offensive security and penetration testing, making him a sought-after contributor to the cybersecurity community.

As usual, we will be meeting online at https://cafe.cyberia.club/dc612.

Talk starts at 6:30PM (time change!) U.S. Central, but feel free to hop in early and chat.

— TactiFail