Tuesday, 2 December 2014

BSidesVienna - A Conference for the Cyber Geeks

Had the privileged to speak at BSidesVienna in Austria. When we reached there from Athens, we were excited and were pleasured by the cold breeze weather of the country. We stayed at the Intercontinental Wien and the conference, which was at Top Kino bar was located about 25mins away from the hotel.

Once we reached this cinema, we were greeted by the organizers, Chris, Olaf and other men in white. One awesome thing about BSides conferences is that they keep on to their tradition of providing free Tshirts! Hell, i waited no further to get myself one!

Despite two tracks in two different cinemas, i was pleased with the organization of the conference. Free drinks were provided in the bar and the cooling atmosphere simply gave me the addon pleasure of drinking hot chocolate! The couple serving at the bar were friendly.

Overall, the speakers had great topics to share. Some of the talks i enjoyed were the following:
1) The A, The P and the T by Marion Marschalek
2) Hijacking label switched networks in the cloud by Paul Coggin
3) Screw Compliance! Why security standards kill security! by Johannes Stillig

For my talk, i had abit of an issue both the words that came out of my mouth and the projector issues that was able to show only 70% of my slides. But i am glad that the audience understood and able to generate some giggles and laughter throughout my 40 mins presentation.

Overall, it was a great experience and since this was my first time speaking to an audience of European geeks, it will definitely be something i won't forget.

For more info: http://bsidesvienna.at/

Some of the pictures:


 

 

















 









Posted by at No comments:
Labels: , , , , , ,

Wednesday, 12 November 2014

Speaking at DefCamp Security Conference

Four days after my talk in Austria, i will be flying to Bucharest, Romania to speak at DefCamp. Like Austria, this will also be my first time in Romania or eastern Europe for that matter. I am so psyched and excited for this as well. After getting on the 57th spot out of a total of 800 over teams that compete in the online D-CTF challenge, i am looking forward to see the top 10 teams challenging themselves at the conference. The conference will be held in Bucharest from the 27th Nov to 30th Nov 2014.

Link: http://defcamp.ro

The DefCamp Banner

 
Some of the speakers


The Schedule of the talks for Day 1
Posted by at No comments:
Labels: , , , , , , , ,

Speaking at BSidesVienna Security Conference

I am privileged to be accepted as a speaker for BSides Vienna, Austria. This will be my first time in Austria and i am very excited for it and meet security enthusiasts in the region. The conference will be held on the 22 November 2014.

Link: http://bsidesvienna.at/

 BSidesVienna Banner

The Schedule of my Talk
Posted by at No comments:
Labels: , , , , , , ,

Tuesday, 21 October 2014

DefCamp D-CTF Challenge

On the 18th of October, Defcamp conference organized a hacking CTF challenge to the public called D-CTF. As we had participated in several CTF events, (from SANS, Symantec CRC and recently from NUS SoC) we decided to take up this challenge just for the fun of it and see how well we can do in a CTF organized by the Europeans.

The banner of the CTF challenge

The challenges. The Quest and the MISC challenges are the ones that need to think out of the box.

Try solving these non-technical challenges. :)

951 teams participated and though we didn't make it to the top 10, i am pleased to see a Singapore team 'Dystopian Narwhals' to be at the 30th spot.

A short bio of the 'Dystopian Narwhals'. I've seen this team participated/participating in many CTF events and they have been doing well in many competitions/challenges be it online or offline. 


This experience allowed me to gather a group of cyber security enthusiasts to form a team to join this challenge and thus Defcon SG is born.. We were happy to be in the 57th spot out of 951 teams that participated. :)


Posted by at No comments:
Labels: , , , , , , ,

Thursday, 16 October 2014

NUS SoC Hacking Challenge 7 - On Your Own!

Level 7 - Final Level of the Hacking Challenge!

Credits goes to my colleague Jan Teo YZ for completing this stage. 



The Starting point of Level 7 Stage




    Hmm, a picture, two buttons and an input field. A quick search on “Symbol ciphers” gave the above image.


Something similar to the first image.



Using the Freeman’s cipher, we can decipher the picture 



Upon deciphering the symbol against the characters, we get the above sentence "YOU HAVE ALMOST REACHED HEKA"

Trying the phrase “You have almost reached Heka” doesn’t give us access, let’s click on the “download” button and see what it gives us

Just a piece of text file with nothing on it (of course, its invisible)


Lots of white spaces and tabs… hmm. A quick search through google revealed the above.

Aha... Whitespace. Trying it out in SNOW, compiling as the Whitespace programming language gave no results.(A Segmentation Fault occurs when you try compiling it) After trying for a long while with no results, I had to resort to asking NUS for tips.


It finally hits me. Going back to the document, I replaced all spaces with zeros and tabs with ones and separated them in sets of 8 (a byte)


Pasting them into a binary to ASCII converter


We get the phrase “Well done! Orb secured.” Concatenate both phrases and we get “You have almost reached Heka Well done! Orb secured."

LEVEL 7 CONQUERED!!!!


Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)