We coaxed our friends at Mahalo Daily into coming along with us to LA SIGGRAPH’s Maker Night. There were a handful of interesting projects there. [Univac] was showing a circuit bent Teletubby and his CellularRecombomat. [Brett Doar] brought his Bronco Table. Tired of engineers building items that made life easier, he decided to make something that made life more difficult. The table uses a piezo to detect the sound of something being set on top. It then starts twitching and bucking to shake the item free. The motors look like they’re salvaged window motors. Finally, we talked to [Mark Frauenfelder] from BoingBoing/Make about how he got into the DIY culture.
Exploit-Me Firefox XSS And SQL Scanning Addon
One of the best tools we saw at LayerOne was the Exploit-Me series presented by [Dan Sinclair]. Security Compass created these tools to help developers easily identify cross-site scripting (XSS) and SQL injection vulnerabilities.
The Best Of 2600

2600 editor [Emmanuel Goldstein] has decided to publish The Best of 2600. It features some of the best essays on lockpicking, phone phreaking, social engineering, and other topics that the hacker quarterly had to offer.
Founded in 1984, 2600 was one of the major catalysts that got the modern hacker scene going. They published controversial articles on topics like red boxing and spawned monthly meetings. This firsthand account of the development of hacker culture will be released in July at The Last HOPE in New York.
RFID Reader Denial Of Service
While in Vancouver, Canada for CanSecWest we had a chance to catch up with [Marc]. He showed off a very simple Denial-of-Service attack that works for most commercial RFID reader systems. He worked out this physical DoS with [Adam Laurie], whose RFID work we featured last year.
DefCon CTF Qualifier Results

Kenshoto held qualifiers for DefCon's Capture the Flag competition last weekend. The top seven finishers: Routards, Pandas with Gambas, Guard@MyLan0, Shellphish, Taekwon-V, WOWHACKER, PLUS, and last year’s winners, 1@stPlace, will be invited to participate in the final this August in Las Vegas.
The qualification started Friday night at 10PM EDT with an email (Subject: M0rt4g3 y0ur /14gr4 up 2 3 1nch3$) being sent to all 451 registered teams. Connecting to the game server displayed a Jeopardy-style scoreboard. The five available categories were Binary Leetness, Forensics, Real World, Potent Pwnables, and Trivia, with point values from 100 to 500. Only one question was opened to start. The first team to answer it was allowed to select the next question to open, and then any team could try to answer it. Participants were warned about the difficulty of the 500 level questions and the entire Real World category. At the end of everything, four questions still remained locked.
If you’re interested in what type of questions the contest had, check out the write-up on NOPSR.US, which has all the files and solutions. Non-qualifiers can still participate in DC949’s OpenCTF.
Upcoming Convention Roundup

Lots of con news is coming in these days, so let’s do a quick roundup of upcoming events:
REcon
June 13-15, 2008
Montreal, Canada
REcon has started posting information about their training sessions such as the Advanced Reverse Engineering session with Nicolas Brulez.
The Last HOPE
July 18-20, 2008
New York City
The Last HOPE just announced its speaker list. It includes the infamous Kevin Mitnick, Mythbusters co-host Adam Savage, and author Steven Levy to name a few.
DEFCON 16
August 8-10, 2008
Las Vegas
The DEFCON team also released the first batch of speakers for this year’s convention. Qualification starts tonight at 10PM EST for the capture the flag (CTF) contest so be sure to get registered. Check the txt for more information. We recently talked about the beverage cooling contraption contest, but you can find many other contests on the forums.
Beverage Cooling Contraption Contest

Let’s face it: no one likes warm beer. In the arid August air of Las Vegas, though, it’s difficult to get anything else. To combat this problem, Deviant has hosted a competition the last three years at Defcon called the Beverage Cooling Contraption Contest, or BCCC. We’re not talking about something as simple as a Coleman cooler or even a peltier cooler: the devices entered in this contest have to be able to take a beer from hot to cool and into your glass within minutes.