Saturday, October 3, 2015 18 months ago ,
MWR will be presenting two exciting new talks at ZACon and another at ZACon Nights next month.
MWR is pleased to announce that Travis Ford, Kyle Riley and Matthew Marx have been selected to give a talk at ZACon. This will take place on Saturday 3rd October 2015 at the University of Johannesburg, South Africa.
ZACon is a South African information security conference run by hackers for hackers, with the explicit aim of growing the South African information security scene. New speakers, as well as veterans are encouraged, with local-research in nearly any security-relevant topic preferred.
Topic: Hacking the Node
Speaker: Kyle Riley
Abstract As the local market for Video on Demand services booms, multiple South African vendors are developing innovative products to quench the ever growing needs of consumers. One such product is Altech’s set-top box solution, the Node, offering features such as streaming of HD content over satellite, the ability to integrate with smart home devices, and an Android Virtual Machine.
The Altech Node was analyzed by a team at MWR Labs, which led to a number of security vulnerabilities being identified. The talk discusses the security measures implemented, as well as the strategy employed to uncover security flaws that ultimately led to code execution and reaching a privileged context on the device.
Topic: How My AI Broke Your 20 Character Password
Speaker: Travis Ford and Matthew Marx
Abstract: The presentation will focus on research around cracking passwords automatically using artificial intelligence. In particular, the research will discuss the use of rules in password cracking and the effectiveness of developing efficient, intelligent rulesets to use with wordlists to crack passwords. In this presentation, MWR will present a novel technique that creates highly intelligent rules without any involvement on the part of the user. This is achieved using an genetic algorithm that uses evolutionary principles to prune and breed rules that crack increasingly complex passwords over time.
You can register for tickets to ZACon here
ZaCon Nights is a social event that will happen on the Friday 2nd October the day before ZACon. This night will be filled with hacker fun and adventure. There will also be different challenges like Hacker Jeopardy, CTF, Lockpick Barfridge and you can build your very own ZACon branded Wi-Fi antenna. MWR’s very own Managing Consultant, Tyrone Erasmus will also be giving a talk that night.
Topic: In Loving Memory: A Journey Through Password Extraction Techniques
Speaker: Tyrone Erasmus
This talk will provide a history on the evolution of post exploitation techniques used to extract user passwords after compromising a computer. It will compare how these techniques have evolved on Windows and Linux over the years and what defenders have done to make this harder. It will then present a new way to extract user passwords from a Linux system without the need for cracking hashes. A newly-developed tool will be demonstrated and the trials and tribulations of performing these techniques on modern Linux systems will be discussed.
In addition to this – Tyrone is also doing a talk at RSA in Abu Dhabi on the 4th – 5th November 2015.
You can register for tickets to ZACon Nights here