WAHCKon[2] Perth 2015

Perth's First Hacker Con
2nd & 3rd of May 2015
Empyrean Function Centre
12 Lake street Northbridge, WA 6003

KEYNOTE: Cybersecurity - A Key Ingredient to Australia's Economic Growth

Speaker: Gary Hale - Director, Cybersecurity and Speciality Projects, Security and Trust Organisation (STO), Cisco

With the Prime Minister's Cybersecurity Review well underway, what does this mean for Australia - in particular Western Australia - and to the creation of Cybersecurity and related opportunities? Gary Hale will provide his perspective on why Cybersecurity is now a Top 5 National Priority, including how it enables economic growth (and that inaction will be a tax on our growth). He will also discuss the projected 2020 landscape, its driving trends and the opportunities to accelerate white hat prospects. Plus consider Cybersecurity related roles in areas such as business, law and data science to set the platform for Australia's future economic growth.

How to hack your way out of home detention

Speaker: William "AmmonRa" Turner

Home detention systems are secure, they must be, they protect us from the bad guys, right? Maybe, or maybe the designers only thought of threats from run of the mill criminals, maybe they didn't consider the ways a hacker would attack their system. I'll show you how to hack your way out of home detention using a only software defined radio and some tin foil.

So you think all those attacks are originated from China? Let's go through a journey of an in-depth investigation of attacks by using custom honeypots

Speaker: Dr. Pedram (@pi3ch) Hayati

Looking at your server logs, you always see sheer loads of connections from China or Hong Kong. The typical impression is that they are script kiddies running their automated bots, scanning IPv4 space, looking for vulnerable hosts. And interestingly, over 90% of them are originated from Chinese owned providers. Well, that's what 'they' want you to think! In this presentation, I will take you through a journey of in-depth analysis of these suspicious connections to discover their orchestration and motives. The journey is based on my observation of setting up a number of custom honeypots (i.e. Smart Honeypot) across major cloud providers to attract adversaries and to monitor their tactics. I will talk through different layers of actors behind attacks as well as geographic targeted intrusions (geoattacks). Moreover, I will talk about applying Network Theory principles in order to get better insights into attackers' behaviour and their relationships. I will conclude the presentation with tips on hardening (cloud-hosted) servers against especially if you are hosting your servers on AWS, Google Cloud or Azure.

Probe-lematic PEDs

Speaker: Doles

Almost everyone carries a smartphone, this talk demonstrates how passive collection of wireless data can be used to track devices and attribute them to owners and locations. We'll explore the network and physical security implications this can have.

iOS Runtime Hacking Crash Course

Speaker: Michael Gianarakis

This talk will provide a crash course in exploiting iOS applications through the manipulation of the Objective-C runtime. The aim is to provide practical examples (live demos!) of how to observe and manipulate the inner workings of applications on iOS to defeat security protections including jailbreak prevention, anti-debugging and certificate pinning, obtain credentials and other sensitive information and subvert business logic. The presentation will also touch on how these techniques may potentially be applied to exploit iOS applications written in Swift.

Response kids are cool too!

Speaker: Scotty Brown

A talk that's 'a day in the life' of a modern incident responder, showing that IR work can be just as cool/awesome/tricky/lame as pen testing/breaking stuffs. This will include some live demos of opensource tools used in IR.

BIOHACK YOUR WETWARE - BECOME A CYBORG

Speaker: ss23

With fancy technology being so abundant these days, the options for becoming a cyborg on the cheap are surprisingly varied. From passive magnetic implants to multielectrode arrays for neural recordings, there's something you can do *today* on almost any budget to become badass as fuck. Come find out what the options are, how much it'll cost (hint: not much), and maybe why you would consider doing such a thing.

Breaking the security of physical devices

Speaker: Dr. Silvio Cesare

From owning, cloning, and honing in on Australia's public transport cards, home alarms from Bunnings, baby monitors from E-Bay, and automotive keyless entry, find out what's secure, what's not, and what you need to do to protect yourself when you're buying or using such systems.

Tainted BeEF or Treating Mad Cow Disease With Websocket (In)Security

Speaker: Maxim Chernyshev

BeEF is a poulare client side security assessment and penetration testing toolkit. The author's research looked at how evasive it actually was and how difficault was it to detect using convential client-side malware detection mechanisms.

Bypassing Android Binary Protections

Speaker: Julian Berton

Android binary protections, what are they, how to bypass them, why we bother, and lots and lots of demos! Demo gods please be kind! Oh and some tricks i learnt along the way to stop you going insane :)

A foray into hardware hackery: Maybe you can teach an old dog new tricks

Speaker: Dave Taylor

With any luck, I'll be demonstrating a cheap and relatively straightforward way of manipulating the content of surface mount flash and eeprom memory. Otherwise it will just be pictures of cats or some drone videos for 30 minutes.

Improving your haxor skills "legally", while doing the right thing

Speaker: Hugh Davenport (aquaman)

This talk will give an overview of different methods of responsible/coordinated disclosure of varying levels of legality. It will touch on 3 main methods, a bug bounty style system (YAY $$$), a generic responsible/coordinated disclosure program, and just going against a random company and hoping the fuzz doesn't come a-knocking. The talk will touch on legality, methods used, and outcome of each of these styles of responsible/coordinated disclosure. This was inspired by my desire to practise skills while not having paid clients, but also with the hopes of some extra fat cash. I used bugcrowd, and searching round for my bug bounties; searching round open source tools I use for generic disclosure programs; and a ""popular NZ auction/dating/holiday housing"" company. The fuzz may or may not have come knocking. There may or may not be some 0days.

Cloutron - The Hipster way to monitor your cloud

Speaker: Christian Frichot

We use a lot of AWS cloudy stuff, and sometimes you have to wait for things to happen (Database to be ready, Load-balancer to be ready, Server to be ready etc). Sitting there and continually clicking 'up/<enter>' to check the status of a job is CRAP. The web interface is also generally pretty crap. Terminals are COOL. Introducing, Cloutron! I basically took all the hard work of @snare (and @rich0H), stripped all the 'clever' stuff out of Voltron, and re-used his Python modular 'view' framework to allow polling terminal interfaces to various AWS sub-systems, allowing you to quickly snap out a bunch of monitoring terminal panes and keep your eye on your 'cloud' without having a) a browser or b) any self-respect. This is excellent at 'looking' busy for when you have important executives or bosses walking around your office.

What happens to old Cloud accounts and data?

Speaker: Robin Lennox

In 2015, more companies are using the cloud to provide services such as email, document management and authorisation mechanisms. Why not, it's cheap and the data is secure especially if it's using large providers, right? The issue with the cloud is people blindly trust that large providers will keep their data safe and if something is found they'll have the resources and expertise to swiftly fix it. I'll talk about a vulnerability I found with Google which allows anyone to retrieve discarded accounts and data. Then I'll finish by discussing Google's surprising responses to my bug bounty submission for this vulnerability.

Chronicles of same origin policy bypass

Speaker: Emmanuel Law

Same Origin Policy (SOP) is one of the fundamental protection when surfing the internet. It's in all browsers, various plugins and mobile applications. This talk will walk the audience through a history of some of SOP most interesting bugs; ranging from some of the earliest manifestations to the more recent SOP bypasses. Although many of these SOP bugs are beyond the control of the developers but we'll cover some mitigating measures that one could possibly take

Find all the bugs: win all the bounties

Speaker: Shubham Shah (shubs)

"In the last two years alone, I have made approximately at least $30k from bug bounties. However this presentation isn't just about the money. It's about the methods, techniques and ideology needed in order to be an effective bug bounty hunter. It goes through multiple different scenarios in which I was able to find critical/high risk vulnerabilities in companies such as PayPal and Facebook. This talk incorporates multiple advanced web application security attack vectors, tips and tricks."

Why the Telecom threats to National Security in 1983 are still relevant today

Speaker: Walter Green

The digital telephone exchanges of the 1980's introduced a new set of threats to National security. A brief description of the threats ( including examples of actual occurrences) and some of the risk management strategies to deal with the viruses and malware will be presented. The application of these strategies to the internet of today will also be discussed.