The Grugq

In this episode of the Hack the Planet Podcast:

The Grugq shares stories from his 25 years at Phrack, with a special announcement about its future! We also dive into opsec, hacking at the systems level, origin stories, dealing with infosec burnout, and a surprising amount of information about fonts.

Links:

Phrack – http://www.phrack.org/

Between Two Nerds Podcast @ Risky.Biz – https://risky.biz/

List of Presentations – https://grugq.github.io/presentations/

OPSEC For Hackers: Because Jail is for wuftpd:

Systems Alchemy – https://www.youtube.com/watch?v=P6PnhDfWvx0

Grugq on Substack – https://grugq.substack.com/
Grugq on Twitter – https://x.com/thegrugq

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Zachtronics

In this episode of the Hack the Planet Podcast:

We talk with Zach of Zachtronics, creator of some of the best video games of all time, about his philosophy of game design, the story of the creation of Exapunks, and the correct pronunciation of Shenzhen I/O.

Zachtronics – https://www.zachtronics.com/

Manuals & Zines – https://www.lulu.com/search?contributor=Zachtronics

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Rocket Surgery with Arko

In this episode of the Hack the Planet Podcast:

We talk about making hardware that can survive in space with Arko, a robotics engineer and polymath hacker who has published open-source projects for high altitude balloons and autonomous vehicles, and revitalized the North American demo scene with his board for LayerOne. Other topics include growing up around the space program, the Nullspace hackerspace in LA, the ethics of self-driving cars, and what the amateur radio hobby called Summits on the Air has to do with avionics for spacecraft.

This episode could be a great introduction to designing avionics for spacecraft, for getting into the demoscene, or serve as an excuse to buy a bunch more radio equipment. If you are looking for as many as three new expensive hobbies, this is the episode for you.

Links:

Arko’s Project Site – http://www.arkorobotics.com/
Github – https://github.com/arkorobotics/

Arko @ UKHAS 2013 – https://www.youtube.com/watch?v=7ybIkH_u4as
UKHAS HabHub – http://habhub.org/
NullSpace – https://032.la/

LayerOne Demoscene Board – http://l1demo.org/wiki/start
Northern Dragons (demo group) – http://northerndragons.ca/
BBC MicroBot – https://twitter.com/bbcmicrobot

Summits on the Air – https://www.sota.org.uk/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Securing Hardware with Joe Fitz

In this episode of the Hack the Planet Podcast:

Joe Fitzpatrick of SecuringHardware.com is the best known hardware security trainer on the planet.  We talk to him about how he retargeted his hardware security training program to a remote audience and what he’s learned about designing hacker trainings over the years. We also discuss a new hardware hacking tool that Joe built for both training and real world use: the Tigard, available on Crowd Supply. Joe has also been prototyping a PCI Express multi-tool, the Epic Erebus, and we brainstormed some ways to get into trouble with one. As usual, we discuss his backstory and some additional projects including a drone-based taco delivery service.

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

SecuringHardware: https://securinghardware.com/

Tigard: https://www.crowdsupply.com/securinghw/tigard 

B-Sides PDX: https://bsidespdx.org/

Interview with Malware Unicorn

In this episode of the Hack the Planet Podcast:

We dive into reverse engineering and malware development with Malware Unicorn, red teamer and author of some of the best the malware development training on the internet. We discuss why MacOS is an interesting environment for malware, tips for building your own reverse engineering lab, and future trainings in the works. We recorded this episode before the latest training was released, but you can find Malware Unicorn’s portable executable injection study on her website linked below.

Links:

Malware Unicorn Workshops – https://malwareunicorn.org/#/workshops

Xori – https://i.blackhat.com/us-18/Wed-August-8/us-18-Rousseau-Finding-Xori-Malware-Analysis-Triage-With-Automated-Disassembly.pdf

Writing Bad @$$ Malware for OS X – https://www.slideshare.net/Synack/writing-bad-malware-for-os-x

lena151 Tutorials – https://archive.org/details/lena151

Flare-On Challenges – https://flare-on.com/

Joe Sandbox – https://www.joesandbox.com/

Universal Loader – https://github.com/Binject/universal
https://www.symbolcrash.com/2021/03/04/the-universal-loader-for-go/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Noid

In this episode of the Hack the Planet Podcast:

Noid is the former head of DEF CON security, founder of the LayerOne conference and the Black Lodge Research hackerspace, gunsmith, and anti-zombie technology enthusiast. We talk about the early history and social dynamics of BBS’s, the formation and growth of DEF CON, how to run a security team for unruly hackers in the middle of the desert, and why you shouldn’t go to DEF CON this year.

We also go into the formation of DC groups and the split from 2600, the formation of Black Lodge Research, and Noid’s artisanal hobbies including cooking and classic gun collecting.

Despite the advice of our guest, Hack the Planet will be attending DEF CON 29 in-person! Give us a call or drop us an email if you want to be interviewed for the show or meet up at the event!

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Ilja van Sprundel

In this episode of the Hack the Planet Podcast:

We are joined by a master of C code audit, Ilja van Sprundel, Director of PenTest at IOActive and prolific public speaker. We ask him how he learned to be such a bad ass, including some epic stories from the past, and go over some of his recent areas of interest including IOMMU, bootloader, and kernel vulnerabilities.

Ilja’s Links:
An Offensive Approach to Teaching Information Security (Summer School):
http://sunsite.informatik.rwth-aachen.de/Publications/AIB/2005/2005-02.pdf
Netric (archive): https://web.archive.org/web/20050214135602/http://netric.org/

Things not to do when using an IOMMU: https://www.youtube.com/watch?v=p1HUpSkHcZ0
Boot2Root: https://www.youtube.com/watch?v=L7p5-ArFeYI
Memsad: https://www.youtube.com/watch?v=0WzjAKABSDk
BSD kernel vulns: https://media.ccc.de/v/34c3-8968-are_all_bsds_created_equally
Windows drivers: https://media.ccc.de/v/32c3-7510-windows_drivers_attack_surface
X Security: https://media.ccc.de/v/30C3_-5499ensaal_1201312291830x_security-_ilja_van_sprundel
iOS Security: https://media.ccc.de/v/cccamp11-4490-ios_application_security-en
Hacking Smart Phones: https://media.ccc.de/v/27c3-4265-en-hacking_smart_phones

Daniel Stone, Wayland and X: https://www.youtube.com/watch?v=GWQh_DmDLKQ

GodBolt: https://godbolt.org/
SleuthKit: https://sleuthkit.org/
SourceInsight: https://www.sourceinsight.com/
sandsifter: https://github.com/xoreaxeaxeax/sandsifter

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Eric Michaud

In this episode of the Hack the Planet Podcast:

We do an actual ingress episode, not like the game. We discuss all manner of physical entry techniques, from doors to cars to tamper evident containers, with Eric Michaud, co-founder of TOOOL US and CEO of RiftRecon.

Can you beat the drug test? Find out in this episode! We also discuss the evolution of the US hackerspace movement from its European roots and ponder the post-COVID future of hackerspaces.

Eric’s Links:
RiftRecon: https://www.riftrecon.com/
Gone in 60 Seconds: https://www.youtube.com/watch?v=G6VVuSkTAgg
Lemon Caper: https://www.youtube.com/watch?v=qL9kFOt8YW4
Security of Urine Drug Testing Paper: https://www.yumpu.com/en/document/view/37593335/the-security-of-urine-drug-testing-journal-of-drug-issues
TOOOL US: https://toool.us/
Open in 30 Seconds (talk): https://www.youtube.com/watch?v=iOIRZnafgQk
Open in 30 Seconds (book): https://www.amazon.com/OPEN-THIRTY-SECONDS-Cracking-America/dp/0975947923

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with egyp7

In this episode of the Hack the Planet Podcast:

We talk red-teaming and CCDC with egyp7, volunteer for the National CCDC Red Team.

We go over war stories from CCDC Nationals, the early days of Metasploit and browser autopwn, as well as what’s been working well on professional red team engagements in the cloud era, advice on building wordlists, fun shell one-liners, and favorite offensive tools and exploits.

THIS IS NOT EGYPT THE COUNTRY, STOP SCANNING ME, TURKEY

egyp7’s links:

WebLogic CVE-2019-2725: https://blog.cybercastle.io/weblogic-remote-code-execution-exploiting-cve-2019-2725/
ExplainShell: https://explainshell.com/
MS17-010: https://github.com/3ndG4me/AutoBlue-MS17-010
Sliver C2: https://github.com/BishopFox/sliver
impacket: https://github.com/SecureAuthCorp/impacket
CeWL: https://github.com/digininja/cewl
DomainPasswordSpray: https://github.com/dafthack/DomainPasswordSpray
Linux Exploit Suggester: https://github.com/mzet-/linux-exploit-suggester
Kerberoast: https://github.com/nidem/kerberoast
hasherazade’s PE Bear: https://hshrzd.wordpress.com/pe-bear/
BlueSpawn: https://github.com/ION28/BLUESPAWN
BeeF: https://beefproject.com/
JDWP-shellfier: https://github.com/IOActive/jdwp-shellifier

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Lei

In this episode of the Hack the Planet Podcast:

We talk with Lei, long-time Defcon goon and founder of Disconnect Camp, about how to recover from infosec burnout, the origin story of Disconnect Camp, some war stories from his tenure as a Defcon goon, and how to keep your cool in a pandemic when you’ve already been dealing with burnout for years.

Lei’s links:
Disconnect Camp: https://disconnect.camp/
Twitter: https://twitter.com/disconnectcamp

Frustration-Aggression Hypothesis: https://en.wikipedia.org/wiki/Frustration%E2%80%93aggression_hypothesis

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.