Securing Hardware with Joe Fitz

In this episode of the Hack the Planet Podcast:

Joe Fitzpatrick of SecuringHardware.com is the best known hardware security trainer on the planet.  We talk to him about how he retargeted his hardware security training program to a remote audience and what he’s learned about designing hacker trainings over the years. We also discuss a new hardware hacking tool that Joe built for both training and real world use: the Tigard, available on Crowd Supply. Joe has also been prototyping a PCI Express multi-tool, the Epic Erebus, and we brainstormed some ways to get into trouble with one. As usual, we discuss his backstory and some additional projects including a drone-based taco delivery service.

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

SecuringHardware: https://securinghardware.com/

Tigard: https://www.crowdsupply.com/securinghw/tigard 

B-Sides PDX: https://bsidespdx.org/

Interview with Malware Unicorn

In this episode of the Hack the Planet Podcast:

We dive into reverse engineering and malware development with Malware Unicorn, red teamer and author of some of the best the malware development training on the internet. We discuss why MacOS is an interesting environment for malware, tips for building your own reverse engineering lab, and future trainings in the works. We recorded this episode before the latest training was released, but you can find Malware Unicorn’s portable executable injection study on her website linked below.

Links:

Malware Unicorn Workshops – https://malwareunicorn.org/#/workshops

Xori – https://i.blackhat.com/us-18/Wed-August-8/us-18-Rousseau-Finding-Xori-Malware-Analysis-Triage-With-Automated-Disassembly.pdf

Writing Bad @$$ Malware for OS X – https://www.slideshare.net/Synack/writing-bad-malware-for-os-x

lena151 Tutorials – https://archive.org/details/lena151

Flare-On Challenges – https://flare-on.com/

Joe Sandbox – https://www.joesandbox.com/

Universal Loader – https://github.com/Binject/universal
https://www.symbolcrash.com/2021/03/04/the-universal-loader-for-go/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Noid

In this episode of the Hack the Planet Podcast:

Noid is the former head of DEF CON security, founder of the LayerOne conference and the Black Lodge Research hackerspace, gunsmith, and anti-zombie technology enthusiast. We talk about the early history and social dynamics of BBS’s, the formation and growth of DEF CON, how to run a security team for unruly hackers in the middle of the desert, and why you shouldn’t go to DEF CON this year.

We also go into the formation of DC groups and the split from 2600, the formation of Black Lodge Research, and Noid’s artisanal hobbies including cooking and classic gun collecting.

Despite the advice of our guest, Hack the Planet will be attending DEF CON 29 in-person! Give us a call or drop us an email if you want to be interviewed for the show or meet up at the event!

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Ilja van Sprundel

In this episode of the Hack the Planet Podcast:

We are joined by a master of C code audit, Ilja van Sprundel, Director of PenTest at IOActive and prolific public speaker. We ask him how he learned to be such a bad ass, including some epic stories from the past, and go over some of his recent areas of interest including IOMMU, bootloader, and kernel vulnerabilities.

Ilja’s Links:
An Offensive Approach to Teaching Information Security (Summer School):
http://sunsite.informatik.rwth-aachen.de/Publications/AIB/2005/2005-02.pdf
Netric (archive): https://web.archive.org/web/20050214135602/http://netric.org/

Things not to do when using an IOMMU: https://www.youtube.com/watch?v=p1HUpSkHcZ0
Boot2Root: https://www.youtube.com/watch?v=L7p5-ArFeYI
Memsad: https://www.youtube.com/watch?v=0WzjAKABSDk
BSD kernel vulns: https://media.ccc.de/v/34c3-8968-are_all_bsds_created_equally
Windows drivers: https://media.ccc.de/v/32c3-7510-windows_drivers_attack_surface
X Security: https://media.ccc.de/v/30C3_-5499ensaal_1201312291830x_security-_ilja_van_sprundel
iOS Security: https://media.ccc.de/v/cccamp11-4490-ios_application_security-en
Hacking Smart Phones: https://media.ccc.de/v/27c3-4265-en-hacking_smart_phones

Daniel Stone, Wayland and X: https://www.youtube.com/watch?v=GWQh_DmDLKQ

GodBolt: https://godbolt.org/
SleuthKit: https://sleuthkit.org/
SourceInsight: https://www.sourceinsight.com/
sandsifter: https://github.com/xoreaxeaxeax/sandsifter

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Eric Michaud

In this episode of the Hack the Planet Podcast:

We do an actual ingress episode, not like the game. We discuss all manner of physical entry techniques, from doors to cars to tamper evident containers, with Eric Michaud, co-founder of TOOOL US and CEO of RiftRecon.

Can you beat the drug test? Find out in this episode! We also discuss the evolution of the US hackerspace movement from its European roots and ponder the post-COVID future of hackerspaces.

Eric’s Links:
RiftRecon: https://www.riftrecon.com/
Gone in 60 Seconds: https://www.youtube.com/watch?v=G6VVuSkTAgg
Lemon Caper: https://www.youtube.com/watch?v=qL9kFOt8YW4
Security of Urine Drug Testing Paper: https://www.yumpu.com/en/document/view/37593335/the-security-of-urine-drug-testing-journal-of-drug-issues
TOOOL US: https://toool.us/
Open in 30 Seconds (talk): https://www.youtube.com/watch?v=iOIRZnafgQk
Open in 30 Seconds (book): https://www.amazon.com/OPEN-THIRTY-SECONDS-Cracking-America/dp/0975947923

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with egyp7

In this episode of the Hack the Planet Podcast:

We talk red-teaming and CCDC with egyp7, volunteer for the National CCDC Red Team.

We go over war stories from CCDC Nationals, the early days of Metasploit and browser autopwn, as well as what’s been working well on professional red team engagements in the cloud era, advice on building wordlists, fun shell one-liners, and favorite offensive tools and exploits.

THIS IS NOT EGYPT THE COUNTRY, STOP SCANNING ME, TURKEY

egyp7’s links:

WebLogic CVE-2019-2725: https://blog.cybercastle.io/weblogic-remote-code-execution-exploiting-cve-2019-2725/
ExplainShell: https://explainshell.com/
MS17-010: https://github.com/3ndG4me/AutoBlue-MS17-010
Sliver C2: https://github.com/BishopFox/sliver
impacket: https://github.com/SecureAuthCorp/impacket
CeWL: https://github.com/digininja/cewl
DomainPasswordSpray: https://github.com/dafthack/DomainPasswordSpray
Linux Exploit Suggester: https://github.com/mzet-/linux-exploit-suggester
Kerberoast: https://github.com/nidem/kerberoast
hasherazade’s PE Bear: https://hshrzd.wordpress.com/pe-bear/
BlueSpawn: https://github.com/ION28/BLUESPAWN
BeeF: https://beefproject.com/
JDWP-shellfier: https://github.com/IOActive/jdwp-shellifier

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Lei

In this episode of the Hack the Planet Podcast:

We talk with Lei, long-time Defcon goon and founder of Disconnect Camp, about how to recover from infosec burnout, the origin story of Disconnect Camp, some war stories from his tenure as a Defcon goon, and how to keep your cool in a pandemic when you’ve already been dealing with burnout for years.

Lei’s links:
Disconnect Camp: https://disconnect.camp/
Twitter: https://twitter.com/disconnectcamp

Frustration-Aggression Hypothesis: https://en.wikipedia.org/wiki/Frustration%E2%80%93aggression_hypothesis

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Interview with Vi Grey

In this episode of the Hack the Planet Podcast:

We meet with Vi Grey who answers all the questions we’ve had about the Nintendo Entertainment System since we were kids but were too afraid to ask. A prolific developer of homebrew NES ROMs, Vi Grey helps us understand the present and future of innovation on the NES platform. We also discuss his work with polyglot files featured in PoC||GTFO. This episode itself is in fact a polyglot, check the mp3 metadata of the file on the RSS feed for more information.

Vi Grey’s links:
I Dream of Game Genies (HOPE 2018 talk): https://www.youtube.com/watch?v=0rcKWQVMQ5w
Twitch Stream: https://www.twitch.tv/ViGreyTech
More at https://vigrey.com/

NESmaker: https://www.thenew8bitheroes.com/
Brad Smith on Light Guns on modern TV’s: https://www.youtube.com/watch?v=qCZ-Z-OZFUs
Damien Yerrick (more homebrew tools): https://pineight.com/
Tom7 (more NES hacks): http://tom7.org/

CypherCon: https://cyphercon.com/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Swarm Intelligence with Pongolyn

In this episode of the Hack the Planet Podcast:

We have a chat with Pongolyn, a community organizer and strategist for the Pacific Northwest Englightend, one of the largest teams in the augemented reality game Ingress. We discuss the key elements needed to develop swarm intelligence and how they were applied to continent-spanning efforts.

Pongo has spent years deconstructing her experience into a valuable set of strategies for anyone organzing large numbers of volunteers, and expertly up-levelling them into easily digestible lessons on swarm-based strategies, gamification, and game theory for people that never played Ingress.

If you’ve ever had to organize a protest or a podcast, this episode is for you!

Pongolyn’s talks:
BSides Portland 2019 – https://www.youtube.com/watch?v=Eq33S_Rz4qo
Toorcamp 2018 – https://www.youtube.com/watch?v=UfYg3EVn_Jg
Defcon 26 – https://www.youtube.com/watch?v=bPTymsk1I_E

SwarmWise – The Tactical Manual to Changing the World by Rick Falkvinge
https://docs.google.com/file/d/0Bz8cVS8LoO7OOHhJUUF5akJ4RHc

Hannah Fry Ted Talk – Is life really that complex?
https://www.ted.com/talks/hannah_fry_is_life_really_that_complex

Screeps – https://screeps.com/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Threat Modeling: None of Your Security Tools Help me Get More Money for my Security Program

In this episode of the Hack the Planet Podcast:

For too long, the confusion caused by the Adam Shostack/MS threat modeling “methodology” has prevented security teams from doing any productive risk analysis. That ends now. We clear up the confusion around what a threat model is, what it’s for, how best to go about developing one, what is so very very wrong with the Adam Shostack/MS method of threat modeling, and how to achieve better results with less effort and arguing.

Check out the links for useful templates and examples. And remember: a dataflow diagram is an important piece of design documentation, but it is not and can never be an effective threat model.

Threat Modeling Template Examples from SymbolCrash, adjust these to suit!

Simple Threat Model Example:
https://www.symbolcrash.com/wp-content/uploads/2020/10/Threat-Model-Template-Simple.xlsx

CVSS 3.1 Auto-calculating Model with Automatic Coloring by Severity:
https://www.symbolcrash.com/wp-content/uploads/2020/10/Threat-Model-Template-CVSS-3.1.xlsx

“How to measure anything in cybersecurity risk”
https://www.howtomeasureanything.com/cybersecurity/

CVSS 3.1 Calculator at first.org
https://www.first.org/cvss/calculator/3.1

Automated Secrets Detection:
https://github.com/Yelp/detect-secrets
https://github.com/anshumanbh/git-all-secrets
https://github.com/dxa4481/truffleHog

Old-School SANS Threat Modeling Template Example:
https://www.sans.org/blog/practical-risk-analysis-and-threat-modeling-spreadsheet/

Mentioned Tools:
https://github.com/lyft/cartography
https://github.com/nccgroup/ScoutSuite

C4 model:
https://c4model.com/

What is the Actual Financial Impact of a Breach?
https://www.nber.org/digest/jun18/economic-and-financial-consequences-corporate-cyberattacks
https://www.nber.org/papers/w24409

Threat Modeling Tools that uselessly force everything into a DFD (not recommended):
ThreatModeler – https://threatmodeler.com/
Irius Risk – https://iriusrisk.com/
OWASP ThreatDragon – https://owasp.org/www-project-threat-dragon/
MS Threat Modeling Tool – https://www.microsoft.com/en-us/download/details.aspx?id=49168

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.