February Meeting Recap

Media is done, our Year of the Hack is posted above

We had about 25 Hackers from the Greater Milwaukee Area attend February’s meeting.  I mention this because it was pointed out that our event RSVPs are not an indicator of how many show up at the meetings.

Cree.py Demo

To start us off, DW5304 did a demo of cree.py

Creepy is a geoloaction OSINT Tool, that offers geolocation information gathering through social networking (twitter, instagram, etc) platforms.

SNMPwalk and SNMP shenanigans

DW5304 also conducted more shenanigans with SNMPwalk and reviewed some SNMP results he had uncovered.  There is not a whole lot I have to document within this recap, but you can start learning about SNMPwalk here

DEFCON Groups DC414 video

DEF CON Groups is holding a contest:  Year of the Hack

For this, DC414 needs to submit a link to a 3- minute (at least!) YouTube video from DC414 as a whole describing what we’re planning on accomplishing over the year

This was our most difficult demo yet.

Planning?  Accomplishing?

And furthermore…video?

We’ve been on video before.  We brought up and showed our past appearance on CBS58 (watch it for either nostalgia or the lulz).

Yet we hashed out a plan for the year.  We will put together another Know Your Rights event, as that has continued to be our most popular event, and our most popular page on dc414.org.  This time the event will be bigger and better, and we will use that as a means to laison with the community.

We had 20+ hackers participate to some level in our video submission.  We are not actors, we are very ADD/ADHD.  Getting more than 5 hackers on the same page is a feat.  Like herding cats.

We got it all done.  Some group shots, and some individual interviews.  It is all recorded now, and we have a lot of footage that will be slimmed down to both a usable submission and a blooper reel (probably more footage for the blooper reel than anything).

Links to the videos are SUBMISSION and BLOOPER REEL

January Meeting Recap

TENS Demo

To start us off, Vlad brought a special guest to do a demo for us.

Dr. Charles S. Tritt, Ph.D, from MSOE, did a presentation on Human-Human Interface, using a TENS (Transcutaneous electrical nerve stimulation) unit and simulation electrodes.  Taken from his document:

This device mimics a relatively common approach to controlling powered prosthetic limbs. Electromyogram signals are picked up from the surface of the skin, amplified, digitized, processed and used to effect the desired control. In this case, the control is via nerve stimulation using a TENS unit.

The ZIP file containing his handout from the meeting (which has the parts list), MSOE lab handouts, and Matlab and Arduino code, can be found here

The total cost of the build is $98

We have some media of the device being used.  More will be posted as it is processed.  If you have media, videos, or pictures, that’d you’d like to share, please let me know.

Bubbles controlling Belouve (do note that they are husband and wife)

Bubbles controlling Vlad

Vlad controlling Bubbles

Cyphercon

Korgo and Belouve presented on the upcoming Cyphercon.  DC414 can still get in, though it seems most of DC414 are already attending or volunteering.  If you still want to get in, contact Korgo or Belouve.

There will be a booth/space for DC414 and Milwaukee Hackers (basically anyone I recognize as a Milwaukee area hacker) at the Friday part of the convention.  We’ll keep it a corporate no-fly zone.

We got a peek at one of the electronic badges for Cyphercon.

Puzzle Lock

Belouve brought a puzzle lock that he received from India.  It is claimed to be from the era of Shivaji Maharaj, who reigned from 1674 to 1680.  I’m investigating this claim to its age further.  Regardless, it’s a cool lock.

I have no video or images for my lock (yet), but I plan to make a video in English of its function and any more details I can find out.  However, I found a video of a similar lock here

January meeting almost here!

It’s almost Friday, and as mentioned previously, due to the Holiday falling on a Friday we have moved the meeting to 1/08/2015.

Vlad has a special guest, Dr. Charles Tritt from MSOE will be joining us, and will be giving a demonstration with a TENS unit, somehow facilitating a human-to-human interface.  It’ll definitely be a meeting to remember!

See you there!

-darkwind

 

dc414 does EscapeMKE James Bomb

So a few weeks ago a bunch of us got together to do the 2nd mission at EscapeMKE, titled James Bomb.  It was a blast!   While I won’t go into detail of the mission, we soared through all parts of it so fast, the host swore we had cheated at multiple areas, and was ready to disqualify us.  We found a new and unknown (to EscapeMKE) way to complete one of the tasks that hadn’t been done before, leading us to get to the final step at approximately 18 minutes into the hour. We did prove our method, and were credited appropriately without cheating!

Unfortunately we got stuck on that last step until about 22 seconds remaining, but we did successfully complete it! (damn old touchy equipment)

-darkwind

 

December Meeting Recap

darkwind tried to show off a pager hacking demo.  I believe we were getting some new and unknown interference on the RF band he was trying to hack.  Not going to call this one as a demo fail, since the new RF interference is interesting.

DAS BOOT.  We lockpicked a TRIMAX car boot, using a BIC pen.  I think time from the package being opened to it being picked was less than 30 min.  Once we got a process going, we could pick it in under 17 seconds, just a BIC pen.  Video exists of this, we’ll try to get it put up soon.  TRIMAX: your product sucks, BIC: your products rule.

Watch a video of the TRIMAX fail

<REDACTED2> showcased a hack to Southwest’s boarding zone/boarding number system.  Want to be in line as A17 and not B47? <REDACTED2> showed us how.

We also discussed a new DC414 DEFCON Groups point-of-contact.  That has now been set and communicated to the DEFCON person responsible.  We’ll once again be recognized as an active group!

Titles are updated.  If you look under the contact portion of our page, most of the goofy titles will be updated there.

You’ll note I left some names out as <REDACTED>.  If you want your name/nickname there, let me know.  I don’t want our recaps to be a blast of “CRASH OVERLOAD HAXXORD THE GIBSON” to the Internet and anyone who may see it and cause trouble for the person who did the hack. (Some names have since been approved to be un-redacted)

That’s all the demos I can recall.

Next meeting: Jan 8th, 2016.

Upcoming Events (as of December 2015)

December 12:  Escape MKE, where a group is locked in a puzzle room, where puzzles, riddles, and coded messages are the only means of escape.  Doing the James Bomb mission.  All sold out for our group.

December 19: BasementLAN, contact Darkwind if you’re not already in.

January 8: DC414 Meeting, CESI  (first Friday is Jan 1st, so we probably won’t meet then)

March 11-12: Cyphercon, at Pfister and Safe House.  We want DC414 hackers at Cyphercon, so get in on the tickets as soon as you can! SOLD OUT

Upcoming Events (as of October 2015)

October 10: LAN Party, at CESI
October 17:  Escape MKE, where a group is locked in a puzzle room, where puzzles, riddles, and coded messages are the only means of escape.  Contact Korgo or Belouve if you’re interested in going.
October 31: Halloween Party, at Bubbles’ and Belouve’s house (contact directly for address, none of this blasting the address out to all the Internet).

November 6: DC414 Meeting, CESI

March 12: Cyphercon, at Safe House.  We want DC414 hackers at Cyphercon, so get in on the tickets as soon as you can!

Upcoming Events (as of Sept 2015)

To make a quick summary of upcoming events:

October 3-4: Barcamp, location is Sussex, WI
October 3: DC414 Meeting, held AT BARCAMP
October 10: LAN Party, probably at CESI
October 31: Halloween Party, at Bubbles’ and Belouve’s house (contact directly for address, none of this blasting the address out to all the Internet).

March 12: Cyphercon, at Safe House

Other TBD items:
A trip to Escape Chambers (see escapechambers.com), where a group is locked in a puzzle room, where puzzles, riddles, and coded messages are the only means of escape.
Some of us were interested in going, so we’ll look into it further.

September DC414 Meeting Recap

Return of meeting recaps!

Klaviel started us off by showing us how to view alternate data streams in files. Demo was with Notepad and a few command prompt commands.

Klaviel then showed a brief video on hotel room lock hacking, on the Onity locks. The video he showed off can be found here

Korgo announced an upcoming Milwaukee conference that he is leading: Cyphercon. Cyphercon will be held on March 12th, and the venue that has already been reserved is the Safe House in downtown Milwaukee. The themes involved are Ciphers, Puzzles, Lock Picking, Safe Cracking, Covert Operations, Cryptography and Privacy. Klaviel will be doing lock demos at this conference, and Belouve will be creating the puzzles and badge challenge for the conference.
Attendance is limited to 100 guests, and the ticket prices are $100.
The website for Cyphercon is located here: CYPHERCON.COM You may buy tickets now using Bitcoin ($95) or Credit Card ($100).

Belouve did a DEFCON 23 recap, with input from other members that attended. An overview of the slides/websites he used can be found here: DEFCON 23 Recap
There is also the website for the DEFCON 23 Badge walkthrough at PotatoHat Security

Klaviel also showcased video from the DEFCON 23 shoot.

There was also a demo (I forget the guy’s handle) on mounting and decrypting an encrypted hard drive within Linux. The simplicity of commands would be more useful than using an array of tools to mount an encrypted hard drive (say, migrating from Windows to Linux).

Those were all the demos that I can recall. I will take some actual notes next time, instead of relying only on memory. A list of upcoming events will be in a separate post.

The meeting then broke up at about 11pm. Nerf, quadcopters, and other shenanigans were kept until after 11pm.