The 1337 BoomBadge has been won by yours truly!  Thanks to BMPTS for the awesome work on this!  See you next year!

If you are curious what’s on the bottom, and want to know more, check out patents 2,844,902 and 1,288,797.

-darkwind

Starting the new year off with MOAR RECAPS.  I (Belouve) did not get there at the start, so I will recap what I was told by others.  People can fill in details if they want.

SoftEther VPN

We had a demo on SoftEtherVPN (“SoftEther” means “Software Ethernet”). This is a multi-protocol VPN software, that runs on Windows, Linux, Mac, FreeBSD and Solaris.

Also open source, and free.  You can go from Open VPN to SoftEtherVPN smoothly.  Check out the site for other highlighted features I haven’t listed here.

We’re being hacked by Russia, right? …. Right?

Belouve arrived and set up a talk digging into the details of the recent “Russian” hacking.  Pointing to the US-CERT report and the files they sent, only 2 out of the 911 indicators given by US-CERT point to Russia.  The reports on APT28 and APT29 cite some vague ‘evidence’.

One of the best things is that an APT29 report (see page 9) references the use of MiniDuke malware as being Russia.

So Belouve looked up the MiniDuke specifics, binaries, breakdown, etc.

The word ‘Russia” does not appear anywhere in the report.

But…MiniDuke does open up a backdoor…

… to Turkey (See page 22)

Discover Recon Script

Belouve demonstrated his slimmed-down version of Discover Scripts, which he has available at https://github.com/belouve/discover

Credit given: the original discover script is made by Lee Baird, as available here. My version has slimmed his down, and I have updated some other steps.

This script is tuned to do as much passive recon on a target as it can, without touching the target and alerting it to its scan.

Uses ARIN, dnsrecon, goofile, goog-mail, goohost, theHarvester, Metasploit, URLCrazy, Whois, PGP Keys, multiple other websites, and then recon-ng.

The recon-ng modules scrape Bing, Google, Hackertarget, Netcraft, Shodan, Threatcrowd, GitHub, Twitter, LinkedIn, Whois, and Censys.io for information.  It parses and pivots the information gathered from other modules and earlier steps.

Take a look over the tool, it is constantly being tweaked.

Vlad’s LED Tree of LED Glory

Vlad did a demo on his multicolored individually-addressable LED tree.  Big tree, and I feel a video would go best here.

DEFCON Groups Update

Message from DEFCON groups.  Yay DC414 for actually responding to and doing the challenge!

Next Meeting

Next meeting is Friday, February 3rd.  Same bat time, same bat channel.

Join us at

7625 S Howell Ave
Oak Creek, WI 53154

at 7PM

Look for “The Bailey Building” sign. See meetings/ for more information.

FOR IMMEDIATE RELEASE
BarCampMilwaukee 11
Milwaukee, WI
For the eleventh consecutive year, BarCampMilwaukee is returning the first weekend in October. CESI will host the event. Doors open at 9:00 AM, Saturday October 1st.
A BarCamp is a wholly unique event that provides a free, open-environment forum where the participants are in charge of what happens. It is an interactive conversation where professionals and curious alike come to learn, teach, and imagine. This revolutionary “unconference” allows participants to float from one session to another, and encourages the development of interesting ideas and spontaneous discussion. Since the first BarCamp in the US eleven years ago, hundreds of BarCamps have been organized throughout the world.
Throughout BarCampMilwaukee’s eleventh year run, participants have been involved in a wide array of session topics ranging from:
Software Development: Ruby on Rails, Drupal, and JavaScript.
Technologies: 3d printing/scanning, video editing, robots, and solutions for non-profits.
Solutions for small businesses and non-profits.
All the way to things like Zombie Defense Preparation, lockpicking, sushi making, and many other topics for makers, DIYers, artists and other creatives.

Barcamp is a program of The School Factory, a 501(c)(3) nonprofit organization that builds value-creating communities and spaces to transform education, economy, and talent.
When: Doors open Saturday, October 1st at 9:00 AM and close at 9:00 PM October 2nd

BarCampMilwaukee will offer over night sleeping so please break your sleeping bags.

register: here

There was some discussion on when then next meeting is, and where it may be held. Just clarifying that our meeting will be at normal scheduled time on July 1st, at 7pm. We’ll be in our usual location at CESI. See https://new.dc414.org/meetings/ for details!

August’s meeting is up in the air for location, and expect light turnout as many of us are making the venture to Defcon.

See you there!
-darkwind

So a few weeks ago a bunch of us got together to do the 2nd mission at EscapeMKE, titled James Bomb.  It was a blast!   While I won’t go into detail of the mission, we soared through all parts of it so fast, the host swore we had cheated at multiple areas, and was ready to disqualify us.  We found a new and unknown (to EscapeMKE) way to complete one of the tasks that hadn’t been done before, leading us to get to the final step at approximately 18 minutes into the hour. We did prove our method, and were credited appropriately without cheating!

Unfortunately we got stuck on that last step until about 22 seconds remaining, but we did successfully complete it! (damn old touchy equipment)

-darkwind

FOR IMMEDIATE RELEASE
BarCampMilwaukee 10
Milwaukee, WI

For the tenth consecutive year, BarCampMilwaukee is returning the first weekend in October. Heat Athletics will host the event at its previous location see below for details. Doors open at 9:00 AM, Saturday October 3rd.

A BarCamp is a wholly unique event that provides a free, open-environment forum where the participants are in charge of what happens. It is an interactive conversation where professionals and curious alike come to learn, teach, and imagine. This revolutionary “unconference” allows participants to float from one session to another, and encourages the development of interesting ideas and spontaneous discussion. Since the first BarCamp in the US eight years ago, hundreds of BarCamps have been organized throughout the world.

Throughout BarCampMilwaukee’s ten year run, participants have been involved in a wide array of session topics ranging from:
Software Development: Ruby on Rails, Drupal, and JavaScript.
Technologies: 3d printing/scanning, video editing, robots, and solutions for non-profits.
Solutions for small businesses and non-profits.
All the way to things like Zombie Defense Preparation, lockpicking, sushi making, and many other topics for makers, DIYers, artists and other creatives.
Register for BarCampMilwaukee 10 at barcampmilwaukee.org

Barcamp is a program of The School Factory, a 501(c)(3) nonprofit organization that builds value-creating communities and spaces to transform education, economy, and talent.

When: Doors open Saturday, October 3rd at 9:00 AM and close at 9:00 PM October 4th
Where: W248 N5250 Executive Dr,
Sussex, WI 53089

CONTACT:
Dan Walters (dw5304 (at) gmail.com)
Director, Barcamp MKE

just a reminder we will have our regular monthly meeting even though its labor day weekend.

see the meeting page for location.

Many thanks to Klaiviel, Vladimir, and dw5304 for their fast work at getting these badges ripped! We have recorded the contents of all badges that we know of (human, vendor, contest, artist, goon, speaker) and uploaded the contents in both lossy and lossless formats.

If you’d like to listen, please download the lossy file at THIS location.  We have also added the lossless encoding (as best as we can do under the circumstances) at THIS location.  It’s a 119Mb file.

Update: Although we have been told they are all identically stamped, we did digitize every badge we could find. Those have been uploaded as well — just list the folder if you want them. Thanks to those who allowed us to record their badges:

human – white – dw5304
blue – speaker – Jose
green – vendor – duosecurity.com
yellow – press – @techjournalist
clear – artist – DarrenBob
red – goon – Kentzonestar
gold – contest – TombOfTheUnknownGoon

 

-darkwind & vlad