Uncategorized
November 14th Meeting 6pm @ Elsies
Karl Fosaaen will be presenting on Attacking iOS Apps with Proxies at the November 14th DC612. This presentation will cover the basics of attacking iOS applications (and their back ends) using a web proxy to intercept, modify, and repeat HTTP/HTTPS requests. From setting up the proxy to pulling data from the backend systems, this talk will be a great primer for anyone interested in testing iOS applications at the HTTP protocol level. There will be a short primer on setting up the intercepting proxy, followed by three practical examples; showing how to intercept data headed to the phone, how to modify data heading to the application server, and how to pull extra data from application servers to further an attack. All of these examples will focus on native iOS apps (Game Center and Passbook) and/or functionality (Passbook Passes).
Karl is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care, and hardware manufacturing. Karl specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at THOTCON and a swag goon at DEF CON.
Agenda:
6:00PM-6:30PM – Get in, get drinks and food ordered
6:30PM – Karl Fosaaen – Attacking iOS Apps with Proxies
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413
July 11th Meeting 6pm @ The Hack Factory
This month we are going to have some informal discussions about the Defcon conference coming up in a few weeks in Las Vegas. If you plan on attending Defcon, or just want to come hear about how great of a conference it is, come and join in on the discussions about who to see, what to do, what to bring, what not to do, etc.
Agenda:
6PM-??? – Pre Defcon Discussions
See you Thursday!
-DC612
Hack Factory is located in the Seward neighborhood.
Payload from balloon launch found!!
The payload from the balloon launch last October was found on June 1st. A guy in Wisconsin was hunting on his property when he spotted the styrofoam cooler. It was found at approximately 45.175661,-92.034424. He called my cell number which had been attached to the side of the cooler. He said it “stuck out like a sore thumb in the trees.” He also said the payload and equipment inside was “destroyed”, but was able to retrieve the SD card from the camera and mailed it to me. The full length unedited video can be found at http://www.youtube.com/watch?
– Jared
June 13th Meeting 6pm @ Elsies
For the June DC612 meeting, Spenser Reinhardt will be presenting on Beginning Exploitation with Manual Exploits.
Agenda:
6:00PM-6:30PM – Get in, get drinks and food ordered
6:30PM-???? – Spenser Reinhardt
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413
May 9th Meeting 6pm @ Elsies
For the May DC612 meeting, Paul Dokas will be presenting on the new Dragon Research Group (DRG) pod distro. The Dragon Research Group (DRG) is a volunteer group of security researchers that collect and freely distribute intelligence regarding malicious behavior seen online. One of the key platforms used to collect and analyze this data is the DRG pod which is a passive sensor built using NanoBSD (a slimmed down version of FreeBSD). This talk will cover the design goals, system layout, build system and future directions for the pods.
Bio: Paul Dokas is an IT security professional with 20+ years of experience in the IT industry as an IT security architect and analyst, programmer, and system administrator. Currently working in the Twin Cities as an senior IT security analyst he is expanding his passion for intrusion detection, data analysis and incident response. In off hours, he volunteers with the DRG and is building a network intrusion sensor and analysis framework (soon to be released as open source).
Agenda:
6:00PM-6:30PM – Get in, get drinks and food ordered
6:30PM-???? – Paul Dokas
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413