Tomorrow I fly out to Vegas for an extended run of training, conference attendance, networking, and speaking. I’ll get to all of that, but last things first: I am very happy to have been chosen to, for my third consecutive year, present at DEF CON on a fun and offense-oriented topic:
This year I’ll be speaking about the attack surface of attack tools. Specifically, small devices hidden by malicious attackers or shipped to a client for pentesters for the purpose of remote access and attack. I’ll discuss some of the problems with having a small embedded device that runs a pile of perhaps-not-completely-hardened tools, how to respond to a device if one is located within your organization, and how such devices may be open to counter-attack. We’ll spend some time discussing the implications of a malicious attacker compromising a pentester’s implantable device, and then roll into a case study involving the most popular device of this type: Pwnie Express’ Pwn Plug. I’ll demonstrate some (very easy to follow) zero-day in the Pwn Plug, as well as discuss what one might want to do post-exploitation, along with how to acquire a nice forensic image of the device.
That talk will be on Saturday, August 3rd, at 2PM in Track 3 of DEF CON 21. I’ll be holding what I hope will be a nice informal Q&A afterwards (my past talks at DEF CON have had excellent Q&A sessions), so I hope to see some readers there.
Apart from that, I’m going to be in Vegas for a while. I am extremely excited to be taking Stephen Ridley and Stephen Lawler’s Advanced ARM Exploitation training for my first 4 whole days in Vegas. The Stephens are the operators of dontstuffbeansupyournose.com and by all accounts have put together a very good class. I’m excited about improving my skills, and if you follow me on twitter (@McGrewSecurity) I’m sure you’ll hear all about it.
I’ll be in attendance at both Blackhat and DEF CON, so be sure to track me down to have a word. My current beard-status is pretty close to my twitter avatar, so I should be easy to spot. Also, I’ll be the one floating a few inches off the ground, due to the fact that I’ve recently completed my Ph.D. dissertation (on the topic of SCADA HMI vulnerabilities, the topic of my talk last year), and have taken a position at Mississippi State as an assistant research professor. If you have interesting research ideas or just want to raise hell with a security geek with strong views, do get in touch and/or find me at either conference.