Uncategorized

November 14th Meeting 6pm @ Elsies

Written by jaredbird on November 2, 2013

Karl Fosaaen will be presenting on Attacking iOS Apps with Proxies at the November 14th DC612. This presentation will cover the basics of attacking iOS applications (and their back ends) using a web proxy to intercept, modify, and repeat HTTP/HTTPS requests. From setting up the proxy to pulling data from the backend systems, this talk will be a great primer for anyone interested in testing iOS applications at the HTTP protocol level. There will be a short primer on setting up the intercepting proxy, followed by three practical examples; showing how to intercept data headed to the phone, how to modify data heading to the application server, and how to pull extra data from application servers to further an attack. All of these examples will focus on native iOS apps (Game Center and Passbook) and/or functionality (Passbook Passes).

Karl is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care, and hardware manufacturing. Karl specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at THOTCON and a swag goon at DEF CON.

Agenda:

6:00PM-6:30PM – Get in, get drinks and food ordered

6:30PM – Karl Fosaaen – Attacking iOS Apps with Proxies

Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413

July 11th Meeting 6pm @ The Hack Factory

Written by jaredbird on July 9, 2013

This month we are going to have some informal discussions about the Defcon conference coming up in a few weeks in Las Vegas. If you plan on attending Defcon, or just want to come hear about how great of a conference it is, come and join in on the discussions about who to see, what to do, what to bring, what not to do, etc.

Agenda:

6PM-??? – Pre Defcon Discussions

See you Thursday!

-DC612

Hack Factory is located in the Seward neighborhood.

3119 East 26th ST

Minneapolis, MN 55418.

http://dc612.org

http://twitter.com/dc612

http://groups.google.com/group/dc612

Payload from balloon launch found!!

Written by jaredbird on June 8, 2013

The payload from the balloon launch last October was found on June 1st. A guy in Wisconsin was hunting on his property when he spotted the styrofoam cooler. It was found at approximately 45.175661,-92.034424. He called my cell number which had been attached to the side of the cooler. He said it “stuck out like a sore thumb in the trees.” He also said the payload and equipment inside was “destroyed”, but was able to retrieve the SD card from the camera and mailed it to me. The full length unedited video can be found at http://www.youtube.com/watch?v=o_JOcD3BYKM. We learned several good lessons including using a better cell phone carrier to track the payload and as seen in the video, better stabilizers are needed for the next attempt. I suppose it would also be a good idea to wait for a clear day next time around….

– Jared

June 13th Meeting 6pm @ Elsies

Written by jaredbird on June 7, 2013

For the June DC612 meeting, Spenser Reinhardt will be presenting on Beginning Exploitation with Manual Exploits.

Description:

An introduction to simple exploits in an unprotected operating system. He will describe, how and why these issues are still present today, and how to start working with them. You will look at simple code, compile and debug a program or two, create some shellcode and use it to exploit an application. The aim being, to give a brief but detailed overview of how exploits work and how to begin creating your own shellcode.

Necessary tools:

Linux based OS (Suggested in a virtual machine)

gcc – GNU C Compiler

gdb – GNU Debugger

nasm – Netwide Assembler, a common assembly compiler for x86

xxd or hexedit – Generic hex editors

vim or nano – text editor

Copy code from https://github.com/commiebstrd/DC612

Agenda:

6:00PM-6:30PM – Get in, get drinks and food ordered

6:30PM-???? – Spenser Reinhardt

Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413

May 9th Meeting 6pm @ Elsies

Written by jaredbird on April 28, 2013

For the May DC612 meeting, Paul Dokas will be presenting on the new Dragon Research Group (DRG) pod distro. The Dragon Research Group (DRG) is a volunteer group of security researchers that collect and freely distribute intelligence regarding malicious behavior seen online. One of the key platforms used to collect and analyze this data is the DRG pod which is a passive sensor built using NanoBSD (a slimmed down version of FreeBSD). This talk will cover the design goals, system layout, build system and future directions for the pods.

Bio: Paul Dokas is an IT security professional with 20+ years of experience in the IT industry as an IT security architect and analyst, programmer, and system administrator. Currently working in the Twin Cities as an senior IT security analyst he is expanding his passion for intrusion detection, data analysis and incident response. In off hours, he volunteers with the DRG and is building a network intrusion sensor and analysis framework (soon to be released as open source).

Agenda:

6:00PM-6:30PM – Get in, get drinks and food ordered

6:30PM-???? – Paul Dokas

Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413