News and info about the con.
It took a while, mostly due to me being slow at getting things sorted out, but Bliss got their share of the £1600 that we raised this year. A huge thanks to everyone who bought from the bring and buy, entered the raffle or just threw cash into the collection bucket.
Robin and the crew.
We’ve finally got all the media from the event online, here are the links to it all:
What made it even better was the live streaming on the day for those who couldn’t physically attend.
Due to “age restriction problems” on Flickr we’ve moved to hosting the photos with Google this year. We will probably move the old archives over at some point as well.
Last year we ran a “bring and buy” table for IT and security related books, raising £100 for the premature baby charity Bliss.
We are running the table again this year and extending it to include hardware. Do you have old kit lying around at home, collecting dust that you think might be valuable to someone else? If so, bring it along. If there is something special about what you are bringing, such as the power supply is dead or there is a loose connection somewhere, then please bring a note to put on it so people know what they are buying.
If you’ve nothing to bring, make sure you’ve got some cash on you and space in your bag or car so you can take something home, as all proceeds will go to charity.
I was hoping to do these descriptions in the Eventbrite ticket system but it didn’t work out so here is the description of the four workshops we will be putting on on Friday 15th. If you want more information get in touch and we will answer if we can or will put you in touch with the presenter.
These workshops are free but to come along you must have a ticket to the main event, we will be checking tickets when they are “bought” and on the door and we will turn people away if we need to. Below are the times of the workshop:
|1-2 pm||2-3 pm||3-4 pm||4-5 pm|
|Advanced Malware Unpacking (This is a full 4hr Slot)|
|Exploring & Exploiting Video Game Security (2hrs)||Exploring & Exploiting Video Game Security (2hrs)|
|Posh C2 (1hr)||Posh C2 (1hr)||Lock smithing – MadBob (2hrs)|
Kyriakos Economou – Advanced Malware Unpacking
1pm to 5pm
One of the biggest challenges that malware analysts need to face are custom packing techniques used in modern malware. A simple solution to that problem is taking memory dumps of the involved processes. However, this usually results into obtaining malformed PE files that can only be analysed statically. This limitation combined with obfuscation, and self-modifying code can become extremely frustrating. This course aims to provide the necessary knowledge to the malware analysts to manually unpack and isolate working PE files that can be analysed both dynamically and statically. Forget about UPX and similar things you have been seeing around for years. This is a highly technical course that aims to push some tools and your knowledge about the PE file format and some Windows internals concepts to their limits.
The aim of this workshop is to help professional malware analysts and in general people involved in malware analysis during IR engagements. This workshop will and should be highly interactive. You are welcome to bring your own Windows based malware analysis VMs (I will be using Win7 x86) and use your preferred tools at will. We will be working with real malware samples, so it is implied that if you take part in this workshop you know what you are doing.
The plan is to share some samples with the attendees, let them work on each one of them for a few minutes (around 20 mins), and then go through them together regarding the unpacking process. Having said that, knowing how to use a debugger is necessary. We will be using OllyDbg v1.10 and a few other tools that will be provided to the attendees. People with no experience in this area are welcome, but in that case they will benefit more from shadowing others.
Elliot Ward – Exploring & Exploiting Video Game Security
1pm to 5pm
This presentation will look at the current state of security within the video game industry while focusing on the unique challenges which the industry faces. It aims to give an overview of the current security issues and provide a basis for attendees to begin having fun hacking games.
It will start by providing some background surrounding the various threat actors and their motivations, followed by a summary of some specific security concerns with a primary focus on cheating in online multiplayer games such as MMORPGs and online gambling platforms. Once an overview of concerns has been presented the talk will focus on common cheats or ‘hacks’ such as:
- Item Duplication
- Speed hacks
- And more!
Including live demos utilising both client and server side attacks to facilitate these goals. Some examples of the techniques covered will include:
- DLL Injection
- Memory Manipulation
- And more!
Finally we will take a look at the strengths and weaknesses of some defensive techniques and technologies which are currently being used to thwart cheaters and analyse their potential use within business software to improve overall software security.
Madbob‘s Re-Keying Workshop
3pm to 5pm
Test your skills at re-pinning.
Take a more in-depth look at how pin tumbler locks work, by stripping and re-keying them.
Ben Turner and Dave “Granddad” Hardy – Red Teaming with PoSH C2
1pm to 3pm
Nettitude are releasing their own PowerShell C2 (PoshC2) in time for Steelcon. This workshop is aimed to help people get setup and start attacking client devices ready for their next red teaming engagement or social engineering test. This tool is not only written for red teamer’s but can be used in almost all forms of internal penetration testing too. The key areas that we will focus on are as follows:
- PoshC2 Installation
- Gaining an Initial Foothold
- Persistence and Situational Awareness
- Privilege Escalation Techniques
- Lateral Movement
- Acting on Objectives and Data Exfiltration
The only thing you are required to bring is an up-to-date version of Windows 10 or Windows 7 to run the lab from. Nettitude will have the lab environment setup via either WiFi or Ethernet. It is worth noting you don’t have to be a PowerShell wizard to benefit from this workshop as its very leading. Hopefully PoshC2 is written in such a way to help people who are new to PowerShell and red teaming but also strongly benefits the advanced red teamer with lateral movement capabilities and fully proxy aware payloads.
For the last two years your ticket has granted you access to a day full of amazing talks, a lunch including ice cream from one of the best producers in the country, a true northern dinner and enough free drinks at the party to make everyone merry, but this year we are going a step further, we are adding workshops!
We are going to make Friday afternoon Workshop Time. At the moment, the plan is to run between four and five sessions between 1PM and 5PM but depending on numbers this might open up to the morning as well.
So as well, as looking for CFP submissions for talks, we also want workshop submissions. We want either two or four hour sessions and are looking for anything hacker related. We are expecting the usual “this is how to hack product X” but, in line with our range of talks, would also like some on soft skills and other none technical topics. These all have to be carried out in university provided rooms so please consider this when coming up with ideas, if you are not sure if something is appropriate then please get in touch and we will make a decision.
Once we have the schedule sorted out we will open ticketing to let you book your seats and, as said before, this is all in the one ticket, this is not an extra cost, just reserving seats for bums.
After a lot of hard work by Luke, Cal and Tom we’ve finally got the videos sorted and uploaded. Not all the talks were recorded and not all the recordings have made it through to being published, this is because, despite all the work put in on the day and in post production, the quality is no where near what we would have liked due to a number of problems including:
- Cameras failing
- Memory cards filling up
- Microphones not picking up what they were supposed to
- Picture in picture accidentally being turned on during recording losing a chunk of screen space
- Poor lighting in track 2
- Various other little niggles
We’ve learnt a lot from this and plans are already in place for next year where we hope to be able to do live streaming, this should mean problems are picked up straight away and the recordings are ready for release within days not months.
Apologies to the speakers whose hard work didn’t make it through, if you want to see what we have we can send you what we have of your talk, just get in touch.
Since I moved house I’ve had a pile of tech books stacked under my desk that I know I’ll never read but don’t want to give to the local charity shop as I doubt they’d sell. So I was thinking, I might just bring them along to the con, put them on a table and if anyone wants one they can put some cash in a charity donation bucket. I’m sure there will be someone from a hackerspace there at the end who be happy to take any left overs away and if not then I’ve tried and Oxfam can have them.
If anyone else wants to bring along any that they don’t want then feel free, better given to a good home than collecting dust and taking up space.