NovaHackers met this past Monday on the 13th and I was there to watch several amazing talks and mingle with the local novahackerati. For those that don’t know … NovaHackers an informal group of security professionals from around the NoVA and DC areas that coordinate one or two monthly events. You can get a better description of this group over on our meetups page where we list all the pertinent info.

This past week local hacker/videographer extraordinaire Georgia “@vincentkadmon” Weidman from GRM n00bs was there to record some of the talks. Below are the presentations that she posted this afternoon.

Reverse Space Update

The meeting started off with Richard Harman providing a quick 5 minute on the happenings over at Reverse Space. Most pertinent is that they are reorganizing and looking for people willing to serve on their new board. For those that don’t know, Reverse Space is a local hackerspace out in Herndon, VA. Find out more about them over on our meetups page.

802.11 Basics

Dakahuna followed up with an in-depth look at the 802.11 series of wireless protocols. Being a preview of the first part of a talk he plans on giving at DefCon’s Wireless Village, it was quite detailed. It covered everything from packet structures to overall security advice.

Metasploit & SET on the iPhone

In his debut talk at NovaHackers, Anthony Korzan showed how he got Metasploit and SET working on the iPhone. He followed it with a live demo. Now, it wasn’t the quickest demo in the world given the iPhone’s limited resources but very impressive nonetheless.

Seamlessly Backdooring JAR & WAR Files

Nicholas Berthaume is a regular presenter at NovaHackers and he was back for a good one this time. In his talk he discussed what JAR and WAR files are and detailed how to add malicous payloads to existing ones. I’d be careful about downloading those Java-based meeting tools after watching this talk. There may be a meterpreter hidden somewhere in there.

Somewhere Over the Rainbow Tables

Bob Weiss from Password Crackers, Inc. gave a very detailed look into what rainbow tables are and how to create them. A lot of the technical details were over my head but at the end he provided some great resources on how you can use them and become involved in creating new ones.

Here’s part 1.

And finally part 2.

There were several other sessions but you had to be there to see them. Why not head over to the meetup next time? All you need to do is check out our full calendar for the next meeting or get on the invite-only NovaHackers mailing list. See ya!

NovaHackers met this past Monday on the 9th and I was there to watch six amazing talks and mingle with the local novahackerati. For those that don’t know … NovaHackers an informal group of security professionals from around the NoVA and DC areas that coordinate one or two monthly events. You can get a better description of this group over on our meetups page where we list all the pertinent info.

This past week local hacker/videographer extraordinaire Georgia “@vincentkadmon” Weidman from GRM n00bs was there to record some of the talks. Below are the first two that she posted this afternoon.

How to Break Disassemblers

In the first recorded talk Nick Harbour provided a very technical presentation on techniques that could be used to “confuse” the disassembly process and ultimately encumber reverse engineering. He started out with a basic discussion of how disassemblers work and then proceeded to detail several armoring techniques to “confuse” them. Of course the good news is that these techniques only trip up the static disassembly process. Reverse engineers can still dynamically step through the program to deobfuscated its true inner workings. Here’s Nick’s 27 minute talk in all its glory at NovaHackers.

Armitage and Metasploit Collaboration

Raphael Mudge was back to discuss enhancements he’s been developing over the past few months to Armitage. If you haven’t heard of it, Armitage is a free GUI frontend to Metasploit. Raphael’s presentation focused on using Armitage at hacking competitions to facilitate collaboration amongst team members. Raphael explained the design and then discussed the initial implementation and subsequent updates in order to get it to work as intended. Got someone good at popping boxes? Let them focus on that. Your “popper” can then share these sessions out to one or more other “specialists” to do their specific tasks (e.g., automated enumeration & review, detailed manual analysis, etc.). Get ready for a great ride and sit back to enjoy 34 minutes of “synergy.”

There were several other recorded sessions and hopefully Georgia will be getting them out soon. In the meantime I hope you enjoy these ones and … see ya!

#####

Hey, want to find out about more great local infosec events like NovaHackers? Check out our full calendar!

If you live, work, or play in or around Northern Virginia, the NoVA Hackers Association (often shortened to NovaHackers) is the place to be the second Monday of every month for a fun filled night of interesting talks and great networking. This is definitely one of the after-work meetings I try to hit each month.

They just wrapped up their most recent meeting this past Monday. As you can tell from their summary post, not too many details are listed and that’s the way the group likes to keep it. The good news is that many of the presenters now allow their talks to be recorded and published. Below are five of the talks for your viewing pleasure. Each one is around 15 minutes so they pretty much get right to the point without a lot of fluff. There was also an additional talk by Mike S. called “DDOS Stuff” that wasn’t recorded.

Richard H. – When Did I Turn into a Systems Integrator?

David S. – Shmoocon Ticketing System Challenges

Shyaam S. – Benchmarking Secure WordPress Plugins and Themes

Ronnie T. – Fun with Strings in Malware

Daniel R. – CTF #1 Binary Exploit Development

Since I wasn’t able to attend this month, thanks to Georgia “@vincentkadmon” Weidman for recording the talks.

#####

To get involved in the NovaHackers check out their NovaInfosec description for links to their blog, Google Group, IRC channel, and Twitter account. See ya!

Last night I attended the NoVA Hackers Association monthly dinner meetup. Instead of having one or two longer talks, this meeting had four shortened 15 minute presentations … often called fireside talks Firetalks. The talks were great and there was plenty of time to catch up with some of the local infosec pros. Approximately 15 people attended the event hosted at ICF International‘s corporate headquarters in Fairfax, VA.

After a bit of networking, @elwing started off giving an overview of CACert. This is an open source-styled certificate authority (CA) where your assurance is vouched for through points given by assuruers who check identification documents. There is a basic level certificate you can get with no points similar to the old Thawte-style certificates. Each assurer can give up to 35 points and with 150 points you can also apply to become an assurer. CACert’s root certificate is already present by default in several Linux OSs and the group is working on Firefox and Safari. Getting its root certificate into IE may be a bit harder due to the processing costs of approximately $150,000. They are also looking for volunteers to help out in different roles, e.g., policy writing, developing website workflows, and obtaining placement by default in browsers. Contact @elwing if you’re interested in helping out or what to be assured.

Next, Rob “@mubix” Fuller presented on his frustrations of completeness in doing pen tests and offered some interesting solutions via DNS foo in his talk titled “IP Contra.” Unfortunately, I (or anyone else at the meeting) can’t talk about the details as we had to sign a NDA before he presented. But what I can say is that DNS is not geographic!

We all have done a lot of NMAP scans at some point and have been overwhelmed in trying to make sense of all the data you collect over time. Enter Chris “@carnal0wnage” Gates and his talk “Nmap XML Ruby Stuff.” The general idea was a way to push the XML scan results into a database that can be searched. Back in January he started piecing things together and posted some of his initial ideas and code. Since then he’s experimented with several frameworks but ended up just writing his own Ruby implementation. The end result was a fairly complete database for NMAP results with command line searching. Chris continues to evolve his implementation and is looking for help. He’s especially looking for anyone with GUI development experience to write a frontend. Contact @carnal0wnage if you’d like to help or want to try his updated implementation.

Finally, Terrence “@kingtuna” Gareau pulled in a little late but presented and demoed a USB attack on a fully patched Windows computer. He created a Metaspoit module that returns a shell to an attacker by simply inserting a USB drive into a victim computer. Although this is not new, the demo was against a fully patched Windows box. The trick was to add the attack code on the USB drive so it looks like a CD. By default, Windows still autoplays CDs! Enterprises can help protect against this attack by configuring their policy to not autoplay ANY media.

Anyway, that was it for the official talks. There were plenty of great side conversations or “round table talks” (RTTs) as well. NovaHackers may even incorporate this RTT idea into future meetings. Thanks to Lucus and Jonathan of ICS International for setting the facility up, providing refreshments, and organizing dinner. And for future events, check out the NoVA Hackers Association blog. Also, we setup up the @novahackers Twitter account that pushes out tweets whenever Rob and Chris put out new blog posts. This is another great way to keep up with what’s going on with this group.

///

There are a lot of other infosec events going on around DC. If you are the sponsoring group or attended one of these meetups or conferences and would like to submit a summary to be posted on this site, please send us a message from our Contact Us page or mention @grecs on Twitter. See ya!

Well maybe not a totally new group … but one that @mubix and @carnal0wnage finally brought live. It looks like the site itself was created over on Blogger in April of 2008. But just just as we thought the site was going to wither away, our fearless NoVA leaders recently started kicking each other into shape … and about 2 weeks ago seemed to have morphed the NoVA/DC Luncheon into this new association and created a related Google Group.

Not much has happened on the their Blogger site yet but the discussion on Google immediately took off with over 400 posts and 64 members as I write this. Since this group is in the “forming” phase, most of the discussion is all about how this association is going to work, everyone doing introductions, and of course ShmooCon tickets. Currently, it looks like they are going to try to hold two events each month. One will be the traditional luncheon that @mubix has been organizing for the past year. The second event may be a more formal evening meetup with presentations and all.

Joining seems to be pretty similar to the Freemasons. You have to be invited by a current member or a current member has to invite you. Additionally, there seems to be a requirement to be active. @mubix and crew will be skimming membership every few months and deleting lurkers. I think these two controls will go a long way to helping stem the prevalence of spam. But please remember that they are still in the development stages of putting this thing together so the “rules” may change over time.

You can find out more information on the NoVA Hackers Association on our NoVA Meetups page. Also keep up to date and help morph this group into what it will be by visiting them over at their Google Group!