Where’s Cardboard Snowden?
On the last day of DEF CON, I spoke with some charity hackers, had a look at the lockpicking village, as well as discovered exactly how insecure my router is in the wireless village.
Hackers for Charity
Hackers for Charity assists link charities as well as hacker volunteers to offer services that they might not typically afford. They act as a type of matchmaking program, linking people with particular skills to charities in need. It likewise offers hacker-types with chances to hone their skills as well as develop their resumes. You can discover out exactly how to indication up as a volunteer, charity, or donor here.
[Sam] from Hackers for Charity showed me his project: the institution in a Box. It’s a Pelican situation stuffed with a Raspberry Pi, LiPo battery, solar fee controller, as well as power mode controller. The RPi has a WiFi card as well as runs as an gain access to point, enabling trainees to connect. It then serves up a riches of material that would not typically be offered in areas with restricted Web connectivity. This includes Khan Academy videos, job Gutenberg books, a subset of Wikipedia, as well as much more. The job is going out into the field in the next couple of months.
The institution in a Box offers discovering resources in remote areas.
Lockpicking Village
The lockpicking village was a packed this year, with The open organization Of Lockpickers (TOOOL) running training every hour as well as offering method locks to pick. TOOOL publishes their slides for the village on their website, as well as they’re a fantastic resource if you’re thinking about discovering the fundamentals of lockpicking.
TOOOL teaches essential lockpicking tips: relax, as well as kittens.
Wireless Village
The wireless village was house of the Wireless Pentathlon. This competition had participants working with a range of WiFi challenges. There was a variety challenge, a WPA cracking challenge, as well as lastly some general attacks on a WiFi network.
This village ran its own track of talks on all kinds of wireless topics. One that stood out for me was on vulnerabilities in little office / house office (SOHO) network devices by ISE. The talk showed that there are cross site request forgery, directory traversal, command injection, as well as buffer overflow exploits for just about every consumer grade WiFi router out there, including the one I have at house (no, I’m not telling you which one it is). The talk went over the process of scanning ports with Nmap, determining services with netcat, as well as building exploits. An explanation of one exploit for TP-Link routers that was demoed is offered here.
Goodbye DEF CON
The closing ceremonies marked the end of the conference. The organizers revealed that the con had increased a overall of almost $100,000 for the electronic Frontier Foundation, as well as there was much rejoicing.
The con was a fantastic time, as well as I’d like to say thanks to all the Speakers, Goons, as well as Humans that made the past couple of days a blast. We’ll be complying with up on a few of the stories from the con, as well as ideally be offering much more con protection in the future.