The battle with the robot, the dangers of social networks and hacked WiFi: how was NeoQUEST-2015

In this article, we will talk about the reports of the “face-to-face” of the St. Petersburg NeoQUEST-2015, share the materials, and at the same time recall how it all happened! Readers are waiting for:

• report descriptions
• presentations of reports:
  - “Learn in 60 seconds”
  “Detecting malware with an oscilloscope?”
  - "Evil Maid"
  - “Fast search of slow hashes on GPU”
  - “Visual pentesting”
  - “TPM.TXT: try to hack!”
  - “Crazy Car: control car electronics via CAN-bus”
• bright photos of positive guests NeoQUEST
• 3 video presentations

About how the guests of NeoQUEST amused themselves during the breaks between the reports, and why there were only 3 video reports left - we read under the cut!

What were we talking about

For the hackquest participants, the competition started at 10:00, the guests could have slept longer - the main event started at 11. Of course, not all of the gathered guests were ready to have fun from early morning ... But our permanent leader Dmitry Kuzenyatkin helped us to wake up and smile. this day, in accordance with the legend NeoQUEST-2015, was dressed in a mysterious costume and joked jokes about masons (namely, this was the subject of NeoQUEST!). In addition, he did a terrific beatbox, played a mysterious musical instrument and recited his own poems!


')
The event opened the report “Android: an infection game,” dedicated to the security of the platform of the same name. The report reviewed the features of malware distribution for the Android platform, and a brief overview of how to install the malware into the system was also conducted.

“Learn in 60 seconds”

Immediately after it, the report “ Learn in 60 seconds ” was presented, which aroused considerable interest among the audience. What to do if we want to make an avtodse on any person? Naturally, search the Internet. However, Google also needs to be wisely ... The speaker not only told how to do it, but also showed how the software that collects user data works! In addition, the video of the report contains answers to very important questions: why the mail is the basis of the basics, why give money to the Chinese (or to schoolchildren), and how to find out where the girl you like lives with the help of social networks and the WiFi list and how to make a guaranteed pleasant impression her parents?

"Detecting malware with an oscilloscope?"

The report " Detection of malware with an oscilloscope ...? »It was told about known attack vectors using software modification of the firmware of the equipment, considered the most famous incidents, indicating the possibility of their application in practice. The speaker proposed a curious approach to detecting bookmarks in the firmware of the equipment, based on the analysis of the power consumption of the device. In the demonstration - unfortunately, behind the scenes - the speaker, using an oscilloscope, carried out an analysis of the operations performed by the device and showed how to detect anomalies in power consumption!

"Evil Maid"

The “Evil Maid” report was devoted to the security features of full disk encryption systems. Technologies of full encryption of disks and operating systems are rapidly gaining popularity. However, often using BitLocker, LUKS or TrueCrypt can be a requirement when working with confidential data. How can the security of such systems be compromised and how to protect against it? The speaker talked about what BitLocker should be used for and showed how to collect passwords:

• for system without TPM module
• for system booting from BIOS
• for system booting from UEFI

The report also provided recommendations for truly effective protection of sensitive encrypted data.

"Fast search of slow hashes on the GPU"

The report “ Fast search of slow hashes on the GPU ” posed two tasks: to sort the password hash from the PDF document and, much more interestingly, to sort the password hash from the Bitcoin wallet. It was told about modern frameworks for heterogeneous computing, described the strengths and weaknesses of the GPU. The speaker demonstrated how and for how long the program he developed can iterate over the hashes, and told what optimization he used when writing the program.

"Visual pentesting"

The report “Visual Pentesting” was devoted to the problem of evaluating the results of penetration testing: what to do if there are many scanners, each of them has its own report format, a large amount of disparate scan results, and it is completely incomprehensible how to identify the relationships between entities? The speakers talked about what technologies they used to develop a system for ontological analysis and visualization of pentest data (graph databases, SPARQL, SWRL, and much more ...) and demonstrated how to work with such a system.

"TPM.TXT: try to hack!"

The longest talk " TPM.TXT: try to hack! "Is an immersion into the world of hardware virtualization and Intel TXT and TPM technologies. We remind that in the framework of NeoQUEST-2014 there was a report on TPM technology, and this year the speaker paid a lot of attention to TXT technology, non-trivial tboot tuning, attacks on Intel TXT and TPM. There was time for practical experiments on modifying the Linux kernel!

“Crazy Car: control of car electronics via CAN-bus”

The final report " Crazy Car: control the car's electronics via CAN-bus ." At NeoQUEST-2014, this report, which was still more theoretical, made quite a strong impression on the listeners, which is why the speaker paid more attention to NeoQUEST-2015 in terms of software and hardware. Namely: the main characteristics of the CAN protocol, the message structure and protocol abstraction levels were considered. It should be noted that in various versions of the protocol there is no support for protection functions, which is a tasty morsel for an attacker ... On the example of the Volkswagen Passat B6, the speaker showed how, with the help of the Arduino, he managed to influence the car, which "electronic parts" of the car were under its control and what are the possible scenarios of attacks on a person who got into a “crazy car”. By the way, the "experimental" was standing all day in the parking lot next to the venue of the NeoQUEST, and anyone could experience for himself, what is it like - when the car suddenly "slid off the coils"?

Contests What is wrong with wifi?

Throughout the day, the JetBusinessStream team provided high-quality online broadcasting and recording of reports. However ... What is a cybersecurity event without hacking? There was no competition for hacking WiFi, but enterprising guys are able to organize a competition for themselves! The crazy hands of one of our guests got to all three WiFi networks of the Club House CDC (where NeoQUEST-2015 was held) and ... hacked them! Of course, then the sudden hacker corrected everything, but alas, the broadcast could not be saved, and most of the video sank into oblivion ...



By the way, besides hacking WiFi, the participants had a lot to do: someone fought with a virtual robot, someone sunbathed on the open roof terrace, and someone stoically passed the "USE Exam", otherwise referred to as Twitter ConQuiz - a quiz contest where the player who passed the highest number of tasks gets a prize! Every hour, tasks were published on Twitter NeoQUEST, this year they were devoted to non-trivial methods of communication, namely, the prison and semaphore alphabet, brute force, encryption and alternative keyboard layout. However, for the first time in 3 years there was no single winner! I had to decide the question of who will get the main prize, in the old manner:



In addition, guests NeoQUEST-2015 willingly participated in various competitions. For example, after the “Evil Maid” talk, those who wanted to stretch their legs were asked to practically get the password with their hands, namely, piloting a helicopter! It turns out to land a helicopter with a strip of double-sided tape glued to it on a piece of paper with a password is not at all a trivial task! Especially if you have a rival who wants to get ahead of you.



In addition to these contests, there were many others, among which it was necessary to guess the opposite of the melody unfolded, to go through a maze using flash drives, defined by a computer as a keyboard, and much more! Not only the winners of the contests, but also the participants received excellent prizes, and you only look at these satisfied faces:

And what about hackers?

While everyone was actively having fun, learning new things and winning prizes, the hackquest participants worked hard and hard ...



They were waited for by 7 tasks: on safety of mobile OS (traditionally - Android), reverse engineering, virtualization, safety of Web, and even there was a task connected with automobile safety, inspired by a report on similar topics! Traditionally, all tasks were united by a legend, in this case - Masonic.

The winner of NeoQUEST-2015, n0n3m4, immediately took the lead after completing one task, then the second ... However, towards the middle of the day, other participants began to catch up with him. Despite this, n0n3m4 kept the leadership coolly and won the main prize: a trip to one of the international conferences on cybersecurity (of your choice)! The second place was taken by Abr1k0s, the third - Ziv00s3! Abr1k0s received a virtual reality helmet as a gift, and the Ziv00s3 - the original Chemokat (scooter suitcase)!

The farther - the more interesting!

NeoQUEST-2015 is over, and now is the time to prepare for the online stage NeoQUEST-2016, which will traditionally be held at the end of winter. And after it - “confrontation” again, where we will be happy to give all the guests interesting reports, wonderful gifts and a great mood! We remind you that for all questions you can contact us on Twitter or email (info@neoquest.ru or support@neoquest.ru)! You can view other photos from the event on our website .

Ahead - analysis of tasks "confrontation"!