Tuesday, July 14, 2009

A Dark-colored Chapeau

I'm making this post in the vain hope that someone cares about what security conference topics I find interesting. With that being said, Blackhat is going to be awesome this year, not least because of the Metasploit track. Without further ado, here are the talks I plan to attend.

Day One:
I'm presenting at 13:45 and, judging by my history, I probably won't be done with my slides until about 13:43, so I'm planning to miss all of the morning stuff.

15:15 Stefan Esser: State of the Art Post Exploitation in Hardened PHP Environments
This is a tough choice and I may end up flipping on it later. Valsmith and Colin's stuff is freaking awesome but I think Esser's work could end up being really useful for PHP meterpreter.

16:45 Valsmith, Ames, Kerb: Metaphish pt2.
I hope I can get into the room after the break.

Day Two:

10:00 Datagram: Lockpicking Forensics
Lockpicking is a terrifically fun hobby and I'd like to learn more about it.

11:15 Nick Harbour: Win at Reversing
I usually lose.

13:45 Danny Quist & Lorie Liebrock: Reverse Engineering by Crayon
Dr. Liebrock was a professor of mine and Danny is one of the best Reverse Engineers I've ever met. Can't miss this one.

15:15 Kostya Kortchinsky: Cloudburst - Hacking 3D and Breaking out of VMware
I'm not especially interested in VMware but Kostya Kortchinsky is an exploit machine. If I die half as good as Kostya is today, I'll be happy.

16:45 Vincenzo Iozzo & Charlie Miller: Post Exploitation Bliss - Loading Meterpreter on a Factory iPhone
Meterpreter is awesome and having the same post-exploitation toolkit available on multiple platforms is something I've wanted for a long time. The fact that these guys ported it to a tiny embedded device that frequently gets connected to tons of open wifi networks is an extra bonus.

1 comment:

Rob Fuller (mubix) said...

Love where you are going with the iPhone comment. That would be one hell of a botnet. Have you seen just the amount of people who play the Ocarina app? It would easily be the largest botnet in the world. And the scary part is that it could happen in days depending on the delivery mechanism. SMS exploit, Visual Voicemail network traversal. Any one of a number of ways. Plus there are big organizations (those who can afford it) that have these things connected to their corporate networks with keys or passwords loaded on them.

.. wow.. I guess the question is, why hasn't it been done yet?