ShmooCon 2010 - Day Two

Day two of ShmooCon 2010 included a wide array of information security presentations. This year’s ShmooCon East coast hacker convention takes place at the Wardman Park Marriott, Washington DC, USA.

Today’s presentations started according to schedule with three exciting tracks: Break It!, Build It!, and Bring It On! First up, from the Build It! track, we heard from Blake Hartstein as he described JavaScript decoding and intrusion detection using Jsunpack-n. Let’s scroll down and take a closer look at some of today’s event highlights.

Jsunpack-network Edition Release: JavaScript Decoding and Intrusion Detection by Blake Hartstein

Blake Hartstein is part of the Rapid Response team at iDefense, a Verisign company. For those unfamiliar with Jsunpack-network, it is a tool used to decode JavaScript for security research. The Jsunpack JavaScript unpacker allows analysis of packed or obfuscated JavaScript.

As stated in Hartstein’s presentation overview, “Attackers using web exploits are always improving their attacks to make them more effective at exploiting the victim, avoiding detection, and generally making attacks difficult for researchers to understand.” Hartstein outlined the improvements in the current Jsunpack-n release over the 2009 introduction of jsunpack at last year’s ShmooCon. Among those improvements, Hartstein cited the release of full source code, use of Jsunpack-n to actively monitor network traffic, use of customizable rules and built-in detection mechanisms for intrusion detection, PDF and SWF decoding modules, and URL tracking mechanisms.

WLCCP – Analysis of a Potentially Flawed Protocol

Enno Rey and Oliver Roeschke discussed good and bad protocol design as they described in detail the proprietary “Wireless LAN Context Control Protocol” (WLCCP). WLCCP is used in Cisco wireless access points for the management of multiple access point wireless infrastructures called Wireless Domain Services (WDS).

From their presentation overview, “The world of ‘Enterprise WLAN solutions’ is full of obscure and ‘non-standard’ elements and technologies. One prominent example is Cisco’s Structured Wireless-Aware Network (SWAN) architecture, composed of autonomous access points combined with some components for centralized management, and still deployed in a number of corporate networks.” With that introduction they proceeded to show demos and code used to illustrate the potential shortcomings of WLCCP. The Cisco IOS command, show wlccp wnm status, can be used to reflect the status of the WLCCP link between an AP snooping on the access point.

Build your own Predator UAV @ 99.95% Discount

This was one awesome presentation that left the audience with everything but a pilot’s license. Michael Weigand’s presentation, “Build your own Predator UAV @ 99.95% Discount,” showed the audience how they could own their own Predator UAV drone. Weigand asked, “Curious what war driving would be like from the eyes of an eagle?” Weigand explained the current state of open source/open hardware UAV autopilots and how to use this technology to develop a complete UAV system. Weigand even provided an overview of FAA regulations aimed at keeping us under a 400-foot ceiling.

DIY Hard Drive Diagnostics: Understanding a Broken Drive

“DIY Hard Drive Diagnostics: Understanding a Broken Drive” was presented by Scott Moulton. Moulton taught the audience how to troubleshoot problems common to hard disk storage devices. He explained hard drive technology in detail, covering all aspects of the hardware components, controller boards and other electronic components, and the firmware.

Using pictures and audio in his presentation, Moulton described how to determine what might be wrong with a drive: whether it is the board, the heads, the media, etc. He covered a quick diagnostics approach based on a simple process of elimination. He also stressed when one should stop troubleshooting to avoid the risk of losing the data stored on the device. Don’t forget to download your copy of “DIY Hard Drive Diagnostics,” by Scott Moulton.

Day Two Closing Comments

It has been a full and exciting day at the ShmooCon 2010 East coast hacker convention at the Wardman Park Marriott, Washington DC, USA. Be sure to check back here at InfosecEvents for the latest news as we cover tomorrow’s ShmooCon 2010 presentations.

February 2010, things to do in Washington, DC: Let’s do ShmooCon, hacking in two feet of snow...