Wednesday, 19 March 2014
Defcon Kerala, India
Earlier this month, we were given the honor to present our paper with my colleague (Vikneshwaran Veeran) at Defcon Kerala. I was surprised and happy when our paper was accepted by the Defcon Kerala team. Coincidentally, i presented a similar demo at two security seminars in Singapore. But the difference was this, Defcon Kerala is a group of security enthusiasts, programmers, bug bounty hunters, application and tool developers and of course HACKERS! Unlike the seminars i presented in Singapore where the audience were geared towards business users and IT professionals, conferences like Defcon are more techie and how should i put it: subject matter experts!
During the day of the conference, we were warmly welcomed by the team. It wasn't as big as the Defcon conference in Vegas (thank God!) but it was a great experience. We get to meet the creator and founder of Xenotix (Ajin Abraham), the creator of Mandiant OS, the creator of IronWasp (Lava Kumar), the WatsApp hacker (Anto Joseph), a hardware hacker (Yasheen) who was only 19 and many other talented individuals. We were humbled by both the speakers as well as the audience who possessed such great knowledge and enthusiasm for security. Throughout the presentations before ours, the speakers were speaking and demonstrating the latest tools and techniques pertaining to applications and source codes. My colleague and i were dumbstruck-ed as we asked ourselves "Are we in the right place to present something different?" especially when our presentation was geared towards the web application and network penetration.
Alas, when it was our turn to present, the hall was quiet. We felt a sudden silence and quickly set up the laptop to the projectors as my colleague starts to introduce ourselves to do the ice breaker. So ideally, this was how we prepared for the demo: For the introduction, my colleague will speak and when it comes to the demo, i will speak and when i started to run the demo, my colleague will continue the motion as to keep the presentation alive and not create any form of awkward silence in between.
During the demo, it was smooth but we encountered a small 2 minutes hiccup/delay. The 2 minutes delay was caused by the process of creating the payload. Usually it should be done within 30 seconds but at that point of time, it was not. After 1 minute, i started to look at my colleague and started to show signs of desperation. My colleague coolly told the audience about Murphy's Law. Well, i did prepare backups of the payload in case that doesn't work but after 2minutes, it did. Phewww!! Continue to the demo and when it finally completes, i was delighted. Sheesh, i stammered most of the time and even one of the audience jokingly commented that my 'accent' was funny. Argh!
After the presentation, we came up to some of the other speakers and complimented them on their great work and tools. A big RESPECT to them all. One of the speakers, the creator of IronWasp complimented our demo saying it was one of the most complicated demos he had seen and he was nervous and glad when it managed to pull it off. (imagine how nervous we were on stage!) That was such an awesome feedback.
After the conference ended we were swarmed by the members of the audience who spoke to us and took pictures with us. It was a great feeling. I also didnt miss the opportunity to take the photos with them as well. Whenever they took my pic, i will tell them "hang on, its my camera's turn to take". We managed to exchange contacts with them either via namecards or linkedin or facebook.
Overall, it was a great experience and i really thank the Defcon Kerala Team for organizing this event. I believed it was a fruitful event that everyone could take away, learning something new or at least spurn them into wanting to go deeper into security. Although this was the second year of this conference, i believed that this will go into something bigger, perhaps in a few years time, it will garner a much larger audience possible rivaling conferences such as Hacker Halted.
Here are some of the pictures of the event.