News
News and info about the con.
Kids Track Registration Form
If you could fill in this form and bring it along it will speed up getting the kids registered and into their activities.
Getting to workshops
The Friday workshops are being held in rooms in level 2 of the Norfolk building. For anyone who has been to the con before, this is where track 3 usually is.
Head into the main Owen Building entrance.
Head straight on, if you need to use the lifts, you are heading to level 2. You need to request the floor before you get into the lift – Good luck, use the stairs if you can, they are much easier!
Take the stairs all the way to the bottom (level 2) or come out of the lifts and head into the Atrium (Big open space, you can’t miss it).
Head diagonally longways across the Atrium towards this door behind the pool table. The red square in the picture above.
Through the door, turn right, through the next door and you’ll find us all there.
2022 Provisional Talks and Workshops
For those who want to know more about what content they will get on the weekend, this is a provisional list of talks and workshops. Not all selected speakers have confirmed, and things change even at the last minute, so please don’t attend just for a single talk and get annoyed it if not happen.
Talks are on Saturday 23rd July.
| Speaker | Talk Name |
| Andy Gill and Neil Lines | Paving The Way To DA – A Live(Hopefully) Path of Pwnage |
| Ian Thornton-Trump | How to kill a Russian Commander in 20 minutes or less & other cyber stories from the war in Ukraine |
| Chris Pritchard | Murder! Mossad? Watching SE experts in the real world, literally getting away with murder. |
| Jess Amery | Friend or Foe? |
| Sadi Zane | Deep dive into Kubernetes Attack Surface and how to defend against cloud native ecosystem? |
| Soroush Dalili | Hacking a treadmill for fame and profit |
| Sina Kheirkhah | Taming horses for combat |
| Nishaanth Kumar G | Debugging Cordava Applications |
| Paul Williams | X-Com: Editing Savegame Files is Still Strategy: Redux |
| David Lodge | Security Vulnerabilities that (Mostly) Aren’t |
| Keith Learmonth | Windows Credential Theft: A Primer |
| James Boland | “I’ll take hacking for $100.” Keeping your CTF costs out of jeopardy |
| Peter O | Can you detect this? Inside The Ransomware Operator’s Toolkit |
| Manish Kishan Tanwar | Catch me if you can – Hiding web shell from WAF |
| Noman Riffat | Finding zero days in WordPress Plugins & Themes and Testing Beyond WPScan |
| Rad Kawar | Writing Tiny, Efficient, and Reliable Malware |
| Richard Hicks | P4ssw0rds!!!!111 |
Workshops are between 10 and 4 (ish) on Friday 22nd July. To attend a workshop you must book and have a conference ticket. Booking will be opened closer to the day.
| Speaker | Workshop Name |
| Roxana Kovaci | Azure Red Team Attack and Detect workshop |
| Sina Kheirkhah | Offensive .NET Reversing |
| David Lodge | Introduction to GEOINT |
| Soroush Dalili | Finding, Abusing, and Exploiting Deserialization Flaws in .NET Framework |
| Brian Whelton | Network Noob to Ninja |
2021 Update
Tl;dr: Probably no con this year.
The longer version:
By this point in the year we usually have all the sponsors booked, the majority of the cash in, and a lot of it back out again paying for goody bags, badges, shirts and putting deposits on things. This year, none of that is done.
With all the uncertainty, sponsors were interested, but reluctant to commit, we were also reluctant to accept any money, because if we spent it and then had to cancel we would have to replace it somehow.
Our venues were also not sure what was going on and if they would be open or not. Hallam has to commit to it’s students first and so even if they were allowed to open they may not have been able to accept us. Imagine having everything in place then not having anywhere to put everyone.
Other cons have moved online and have done a very good job in doing it. We could have followed, but as we’ve said before, we are an in-person event and while we could do something big and flashy online, it isn’t our style.
So, at this present time, the event is not happening, but we may review this closer to July, and if we think we can put something small on we will see what we can do. If something is going to happen, we will make a big noise about it, you won’t miss it. No promises though.
The Management.
PS, for any of you who normally attend the after con Quasar, I randomly bumped into the owner who handles our morning. He said despite not being open for nearly a year, they are surviving and and looking forward to having us back whenever we are ready.
Robin
SSLv3 Appreciation Day
Unless you know him well, you’ll be surprised to know that one of our longest standing supporters, Scott “Lord Helmet” Helme turns fifty this July. To celebrate this momentous day, we have decided to declare July 15 “SSLv3 Appreciation Day”.
As we can’t be with Scott to celebrate this year, we are asking for as many people as possible to set their WiFi ESSID to “Scott loves SSLv3” for at least five minutes at some point during the day and send us photos or screenshots so we can make an album to give to him as a gift at next year’s con.
For extra credit, upload a packet capture to WiGLE so the day will be recorded for ever more. Remember though, only do so if it is safe to do this while retaining your regular high level of OPSEC.
Images can be emailed to sslv3@steelcon.info or added to this Google album.
2019 Photos
It has been pointed out that we didn’t post a link to the 2019 photo album on here, so here it is.
COVID-19 and 2020
It is with deep regret, that after a lot of discussions, we have decided to cancel this year’s event due to the coronavirus.
At the time of writing this, we are exactly four months away from main weekend, and we know a lot can happen in that time. We hope, for everyone’s sake, that the outbreak is taken under control very soon, and that by July, it is just a memory along with the bad winter weather, but we can’t take that risk.
We could hold off and make this decision in April or May, but our first priority is to our attendees. We don’t want people booking holiday from work, paying for hotels and travel, and then, at the last minute, having to cancel them and fight to get refunds.
We also have to think about our sponsors and spending commitments. We bring in quite a bit of cash from our sponsors, but most of it goes straight back out again on hosting costs. Making this decision now will limit those costs and not end up with us taking sponsor money, spending it, and then having to find ways to pay it back or to take a hit on next year’s event.
We have looked at other alternatives, the main one being a virtual event. A few people have said that they would be OK with that, but it wouldn’t be SteelCon. People come to Sheffield for the atmosphere, for meeting old and new friends, and for downing shots of odd things they will probably regret in the morning. We have had quite a few submissions of both talks and workshops and we will be contacting everyone who has submitted to see if we can help them get their work out there in some other way, possibly with another conference that is doing some form of virtual event.
For those of you who managed to grab a ticket in the test run, you’ll all get contacted as well to give you your options.
So lets hope that with hindsight, this is the wrong decision, and that by July everything is back to normal and that the con would have run as it has for the last six years. But with the foresight we have now, we can’t take that risk.
Pinching a line from @javvad, stay safe our friends, and look forward to 2021, where we will be back twice as strong to make up for it all.
Charity Donation Certifiate
We’ve just had this thank you certificate through from the nice people at Birmingham St Mary’s Hospice which was our chosen charity for this year.
Glad we could help them out in return for all they did for our friend Mike.
Woody's Wonder Cube
For those of you who have lost their programs but still want to fry your brains at the challenge that is Woody’s Wonder Cube, here are the instructions from the brochure.
If you need a reminder of what to do, solve the crossword, decode the cube, solve the cube so it matches the crossword.
We had two solves on the day so we know it can be done. If you think you’ve got it, feel free to email photos and we can check it and add you to the Hall of Fame.
Hall of Fame
Kids Scavenger Hunt
Can you find or answer the following:
- Enough coloured paper to make a rainbow – 1 point per colour
- What is the next film showing in the Hallam cinema? – 3 point
- Any piece of swag from a previous years conference – 5 points
- A used postage stamp – 3 points
- Your best score from a game in the C64 arcade – 1 point
- A solved Woody’s Wonder Cube – 10 points
- Find the age of the youngest attendee – youngest age found gets 5 points
- A wireless packet (be creative) – 5 points
- What are the seven layers of the OSI stack? – 1 point per layer
- Name the two songs used on the crew t-shirts – 2 points per song
- Name as many university buildings as you can – 1 point per building
- Name the 7 main rivers of Sheffield – 1 point per river
- What is the oldest football club in the world? – 3 points for the club name, 2 points for the year it was set up
All the following are for conference speakers or close friends:
- Where was Andy Gill born? – 5 points
- What was Scott Helme’s first pet? – 5 points
- Draw a picture of Woody (Mike Woodhead) – 5 points
- What is Neil Richardson allergic to? – 5 points
- What is Tanya’s favourite colour? – 5 points