SummerCon celebrated its third year in the New York metropolitan area with a baptismal rain fall that consumed the entire day. Luckily for us, a delicious spread of NY style deli meats, vegetables, and various types of salads where plentifully provided by IOActive. Thank you IO! We managed to have plenty of food until late in the day. 

With plenty to eat and drink the time flew by quickly. My favorite talk “Bypassing all the things” by Arron Portnov kept me glued to my seat. Keeping the con as a one track event is key to Summercon. Redpantz has no inclination to changing this format as it keeps you together and focused on the presentations. Being in one place is also conducive to networking with your peers and meeting new people. At this con I meet a father and son team Bill and Bill who traveled from the Pittsburg and Catskill NY area. More on them on a later post.

The first day ended with an open bar provided by iSECpartners. Thank you iSEC again it was our good fortune that the bar was big enough to accommodate all us thirsty SummerCon veterans. If it where not for that happy hour, I would have gone broke as the prices where, well you know New York City prices (which is why I liked the Brookly venue better, sorry red).

Day two went by quickly as well with a morning shot of eye opening talks. Some very humorist as was Michael Coppola talk on home devices connected to the Internet. It would seam that hacking is dead except we now have even more target vectors, thank you!

In conclusion I enjoyed my time at Summercon, it brought me together with some old friends and I made some new ones. I even met 2 fellas from the academic research community (brew ha ha). At least we have one thing in common we all drink! So mark you calendars for next years Summercon June 6-7, 2014. 

 

Some other notable talks included:

Beating a less-dead horse: The current state of .NET reversing

Aloria

All the cool kids are reversing C apps, mobile is the (relatively) new hotness, and Java is a long-moldering corpse of failure. It’s time to pick on a new, somewhat neglected red-headed stepchild: .NET. This talk will cover the current state of the art in .NET reversing, down from PE format of .NET assemblies through various types of obuscation, and into reversing tools and techniques. Finally, we will get a little Inception-esque by reversing Reflector inside Reflector in an attempt to modify its behavior.

Portscanning Low Earth Orbit

Travis Goodspeed

Satellites are whirring all around our little planet, but the lack of tools for accessing them have limited past research to stationary satellites or to ones with documented communications protocols. This lecture presents the conversion of a maritime L-band dish to be controlled by a combination of open source hardware and good ol’ fashioned unix daemons. The dish is operated remotely or in a standalone fashion, scanning the neighborly skies day and night with little or no supervision.

Weighing in on Issues with Cloud Scale

Michael Coppola

No, it’s not one of those talks. In this new age of computing, more and more household devices are being connected to the Internet. TVs, refrigerators, and even coffee machines are some of the first to give in to the trend. But these devices are old news. In this talk, we’ll take a step back from the ordinary and look at a new target: a WiFi-enabled… bathroom scale? With the help of a soldering iron and our good friend IDA, we’ll have a go at reverse engineering the device as well as discuss practical attacks to achieve code execution.