2024 Toxic BBQ September 21st!

Hello hackers!

We have exciting news: The 2024 DC612 Toxic BBQ is on!

Big thank-you to Marie for purchasing the permit this year!

• When: Saturday, September 21st from 4PM to 10PM Central
• Where: Minnehaha Falls Regional Park, Wabun Picnic Shelter F (map here)
  • 4655 46th Ave South, Minneapolis MN 55406
  • NOTE: This is a different site from the last two years, but it’s right next to it. About 100 feet North, give or take*.
• What:
  • Food! Bring food and we will grill it, or just show up and eat.
  • Hackers! We have been told there may be hackers in attendance.
  • Music? Games? Prizes? Stickers? Whatever you bring!
  • Beeeeeees! Due to budget cuts, we will not be providing bees this year.
• Cost: Zero dollars!

This is a group-led event, so it is only as good as we make it. We have a sign-up sheet here to track what everyone is bringing, please fill it out if you plan on bringing stuff. Please note that canned beer is allowed, but no other alcohol per permit rules We are waiting to hear back on the alcohol front. We always need food, but paper plates, plastic utensils, and napkins never go out of style. If someone wants to bring musical entertainment, or games, or a vulnerable WiFi spot, all the better!

Nobody is required to bring anything or pay anything to attend and eat, but keep in mind that our official budget is also zero dollars, so we will only have what we all contribute.

This will be our fourth year running:

• 2021 at the Lauderdale Community Park
• 2022 and 2023 at Minnehaha Falls Picnic Area

and we’re hopeful to keep this tradition going for even longer.

See you all there!

---

* My calculations for the distance are as follows:

On Google Maps, I zoomed in as close as I could to get the best picture of the two sites. The scale on the bottom right shows that 20 feet are represented by 117 (113 + 2 on each side) pixels:

I used Greenshot to measure the distance between the two sites and found that they were 99x by 672y pixels apart. Some quick math:

99 / 117 = .846 * 20ft = 16.9 ft West

672 / 117 = 5.744 * 20ft = 114.9 ft North

The straight-line distance can be solved thanks to our friend Pythagoras and ChatGPT:

So they are 116.14 feet apart.

As to the compass direction, a 32-point compass will define 7 points between North and West:

According again to ChatGPT (I am not awake enough to math this myself) you can use the following calculations to get the angle from North:

Since each point in a 32-point compass represents 11.25 degrees, that would put us at NbW, or “North-by-West”, since 8.39 is less than 11.25 but greater than the halfway point between North and NbW (11.25 / 2 = 5.625).

So when I said “100 feet North” earlier, I apologize if I offended any sailors or land surveyors who may have expected a little more precision.

QED

Thursday, July 11th – 6:12pm @ Discord

Hello Hackers!

This month we are joined by Ryan O’Horo (@redteamwrangler) who will be presenting his talk “Reverse Engineering an ALPR Ecosystem”:

I took a very serious interest in a specific type of ALPR [Automatic License Plate Recognition] camera, tens of thousands installed in cities across the US (including Minneapolis), recording every passing vehicle 24/7. I know where they are, what they do, how they’re sold, and how they’re broken.

I’m an artist and security engineer.

Meeting will be on Discord. If you need an invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, June 13th – 6:12pm @ Discord

Hello Hackers!

This month we are joined again by @TactiFail who will be giving us an intro to game hacking:

Nobody wants to pentest yet another e-commerce web app.

Everyone wants to hack <insert your online game of choice here>.

In this talk we will take an entry-level look at two game-hacking techniques. A Unity game-in-progress I am working on (shameless self plug) will be the target. I’ll briefly go over how Unity games are laid out, demonstrate the game mechanics, show two methods you can use to introduce a hack, and implement a (admittedly naive) defense mechanism to detect it and kick an offending user.

I am TactiFail. I have a vague association with DC612 and sometimes I hack things.

Meeting will be on Discord. If you need an invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, May 9th – 6:12pm @ Discord

Hello Hackers!

This month we are taking a quick look at fuzzing C# projects using SharpFuzz with @TactiFail:

Fuzzing projects is a great way to trade time for vulnerabilities. There is only so much we can test manually, so taking a “throw everything at it and see what sticks” approach can yield some cheap and easy wins. In this talk, we will go over a brief introduction to fuzzing, and then follow along setting up a test harness for a real-world project.

I am TactiFail. I have a vague association with DC612 and sometimes I hack things.

Meeting will be on Discord. If you need an invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail

Thursday, April 11th – 6:12pm @ Virtual

Hello Hackers!

This month we continue the wireless trend with a talk from @r1otctrl titled “Warwheeling: The Wireless Sk8r”:

Welcome to the next generation of wardriving, where we encourage you to step outside, breathe in the fresh air, and shred the streets as you’re collecting ALL the WIFI. In this presentation, we’ll dive into the world of Warwheeling, a novel twist on wardriving that involves using a onewheel or any PEV as your mobile exploration hub.

Hi! I’m Riøt, SOCC analyst by day, warwheeler by night. My hacker circles are the #Wardriving group on WiGLE, DCG561/305 & Boca 2600. My Onewheel peoples are SoFlow, Float Gang, & Orlando Onewheel. My favorite form of touching grass hands down is going out on long rides on the Onewheel. It gives me a challenge to stress test wardriving rigs that can survive the elements when I’m out exploring. Still very new to RF but the past year has all been a learning period of what works and how to squeeze out every AP while trying to stay lightweight. Over the past year posting on my IG warwheeling content I have found a few others that also prefer this method of wardriving so it’s slowly growing trend wise lol.

Since the last talk went well over Discord, and after some discussion, we will be hosting meetings there going forward. We’ll still need to work out a system for people to view/participate without a Discord account, so maybe that will mean a simulcast and setting up Twitch or something. That’s how Defcon did it for the first remote-only con, but if anyone has any better ideas we are all ears. We’re also looking into recording talks (assuming the speaker is okay with it) so who knows, maybe a YouTube channel is in the future.

If you need a Discord invite, look no further.

Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.

— TactiFail