Posts Tagged ‘mrmcd’

mrmcd14 in Darmstadt – DOM-based XSS

Sunday, October 5th, 2014

After last year’s fabulous event, I was really looking forward to this year’s mrmcd in Darmstadt, Germany. It outgrew last year’s edition and had probably around 250 to 300 people attending. Maybe even more. In fact, 450 clients generated 423 GB traffic during the conference which lasted 60 hours or so. That’s around 2MB/s. That’s megabytes. Per second. Every second. I find that quite impressive. Especially as the outdoor area was very inviting to just hang around, grab a beer, and chat to your fellow hackers. So some people must have had an amazing demand of … updates…

This year’s theme was construction sites. As IT, and especially security, is a major, never ending, and dangerous construction site. It was well done, with a lot of warning tape, the people wearing helmets, hi-vis vests, some security boots, etc. Although it couldn’t excel last year’s aviation theme, but the watermark was set extremely high. Anyway, the speakers received cool gadgets, like a tool set, a level, and other very well done gadgets. The talks were opened by Unicorn who, as you can see, was wearing proper safety gear. We were given instructions as to how to behave in case of fire, flood, or lack of alcohol. A nifty feature of this event is the availability of carbo hydrates in form of various food stuffs. It’s very cool to always being able to walk up to the buffet and fill up energy reserves.

The keynote was involuntarily given by dodger who did not miss the opportunity to show us various constructions sites, such as the Utah Data Center. Ultimately, (now I am maybe over interpreting things), it’s also hackers like us who make those possible. We usually decide for ourselves where to go and what to do. It was a good round-up on how we as a community work or should work. Also with some political references which I think is important as I have the feeling that many people lose that focus too easily.

An interesting series of talks was given by Ange Albertini, who first presented the PDF file format. It was interesting to see how the format actually looks like. I knew already a little but I’ve never really cared about the details. This was a very interesting and visually appealing talk. Pretty much like his other presentations which were again on file formats and on crypto.

My own talk was scheduled after the second night. I was positively surprised to see a half-filled room on a Sunday morning, after two nights of demanding partying… Anyway, I had an interested crowd which I think I could entertain. You can find my slides here. I was talking on DOM-based Cross-site Scripting. I presented a modified Chrome browser which is able to stop all identified DOM-based XSSs. I will need a separate post to cover the details. As a brief summary: Both WebKit and V8 were modified to track taint, that is, to annotate strings with the information of the source. Such a source could be the document.URL or the window.name. This taint information is evaluated whenever it is about to be compiled to code. The simple approach of blocking every tainted string to compile is not followed as it breaks the Web. Instead, the compiler will notice which token is about to be generated and only allow generation if and only if the string is untainted or of a data type (String, Boolean, Number). If the tainted token is, for example, function call, assignment or pretty much anything else, then it is replaced with an illegal token in order to abort compilation. There is a video of the talk here:

As we are on videos, the video team is just plainly amazing. It released videos of the event pretty much after they finished. And in a quality that is hard to excel. You check the videos of this conference, but also others. You may find some gems that are well worth watching. Be aware though, some talks are also very much on the vapor-ware side of things… I guess I don’t need to point to specific talks as it should be easy to identify…

I am already looking forward to next year’s event. The watermark has, again, been set high and I expect the next year to be able to raise that bar. But I hope it will be able to stay small enough to not lose the cosy and comfy feeling. Maybe I shouldn’t blog about that fantastic event to not generate too much attention ;-)

MRMCD2013

Sunday, September 15th, 2013

It’s been a while since I attended the mrmcds. In 2011 the event did not take place and I couldn’t make it the year after. Fortunately, 2013 allowed me to participate and I was heavily surprised by the quality of everything. The (newish) location, the people, the provided catering, the atmosphere, …

wlan stats

The event itself is relatively small. I don’t have numbers but I felt like being surrounded by 100 people. Although the stats about connected devices suggests there were at least twice or thrice as many people present.

trolley

The talks were good, a refreshing mix of technical and non-technical content. With an audience generally inclined to discuss things. That allowed for more lively sessions which create new insights, also for the speakers. My favourite was Akiko talking about her job as air traffic controller. I learned a lot about how the aviation industry is organised how various pieces fit together.

fukami doro

Fukami keynoted the conference and tried to make us aware of our ethics. Surveillance was made by hackers, he said. People like you and me. The exercise for the audience was to further think and conclude that if we didn’t help implementing and deploying surveillance infrastructure, it wouldn’t have gotten that bad. While the talk itself wasn’t too bad, I wonder who the target audience was. If it meant to wake up young hackers who have not yet adjusted their moral compass, it was too weak. The talk didn’t really give advice as to how to handle dubious situations. If it was not meant for those hackers, then why talk about it in a very basic way and not ask hard questions? Anyway, I enjoyed seeing the issue of people’s responsibility coming up and creating a discussion among the hackers.

Enjoy Cock

Mine and Stef’s talk went well, although it was the in the very last slot of the conference. After two long party nights. I barely made it to the talk myself :D We presented new ideas to guide the user when it comes to security critical questions. If you have been to GUADEC, then you haven’t missed much. The talk got a slight new angle though. In case you are interested in the slides, you can find them here.

clocks

The design of the conference was very impressive. The theme was aviation and not only did we have an impressive talk monitor as seen above, we also had trolleys with drinks and food as well as the time for various interesting locations. We also received amazing gadgets like the laser engraved belt made from the typical air plane seatbelt.

As always, parties were had with own DJs, light show, beer straight from the tap, cool people and music. To summarize: I’m glad to have visited a very enjoyable event. It’s a pleasure to be around all those smart hackers and to have inspiring discussions. I’m looking forward to next year.

erklaerbaer

mrmcd1001b Impressions

Wednesday, September 8th, 2010

I had the pleasure to be invited to the MetaRheinMain ChaosDays 1001b (mrmcd1001b) in Darmstadt. This years motto was “Beyond Science Fiction” and ~250 people gathered together to discuss “Society and Technology in 20th century fiction and 21th century reality”.  

The presented talks were mostly interesting, although I didn’t attend that many. I spent most of the time talking to people or giving (two) talks myself: Security in Mobile Devices and Virtualised USB Fuzzing.

The first one went as expected and I think the attendees enjoyed it very much. Again, talking about technical details that a buffer overflow on x86 involves is not that much fun but I think it went at least alrightish. Slides can be found here.

The second talk was kind of a rehearsal for my final thesis presentation. So I took the chance to prepare myself for Dublin and present brand new stuff^tm. I started off crashing a Linux PC with my N900 and went then to the talk. It was a bit confusing, I guess. But in fairness: It was very late in every sense of the word ;-) But I got positive feedback nonetheless so it’s better if you make up your own mind with the slides. Although I don’t think the slides alone are that interesting.

For some reason, people were interested in the commands that I’ve used for the demo:

  1. Boot Ubuntu
    /opt/muelli/qemu/bin/qemu-system-x86_64 -enable-kvm -hda ubuntu.img -cdrom ~/ISOs/ubuntu-10.04.1-desktop-amd64.iso -monitor stdio -serial vc -m 1G -loadvm 1
  2. Setup Filter
  3. usb_filter_setup /tmp/filter
    export PYTHONPATH=~/hg/scapy-com/
    python recordingfilter.py /tmp/filter /tmp/phonet.dump

  4. Attach device
  5. info usbhost
    usb_add host:0421:01c8
    sudo chown muelli /dev/bus/usb/002/004

    usb_filter_remove
    usb_del 0.2

  6. Replay
  7. usb_add emul:full:/tmp/filter
    cat /tmp/filter.in &
    cat /tmp/phonet.dump.out > /tmp/filter.out

    usb_del 0.0
    kill %%

  8. Fuzz (didn’t really work because of a Heisenbug)
  9. python emulator.py --relaxed /tmp/filter /tmp/phonet.dump.combined
    python fuzzingemulator.py /tmp/filter webcam.dump
    usb_del 0.0

  10. Fully Virtualise

  11. usb_add emul:full:/tmp/filter
    python usbmachine.py /tmp/filter.in /tmp/filter.out
    usb-devices

mrmcd0x8 – Call for Participation

Monday, July 6th, 2009

Die MetaRheinMain ChaosDays gehen in eine neue Runde *yay*! Ich werd’ wohl dieses Jahr nicht koennen, aber ich war ja nun auch schon oft genug dort ;-) Wenn du einen Vortrag oder einen Workshop einreichen willst, benutze bitte das Pentabarf. Ein Grund, etwas einzureichen (oder um einfach nur hinzugehen) ist das Pornophonique Konzert! Wirklich empfehlenswert.

c&p von der offiziellen Seite:

Der CCCMZ, C3F2M, CCC Mannheim, oqlt, der IT Stammtisch Darmstadt und CDA laden zu den achten MetaRheinMain ChaosDays ein.

Die MetaRheinMain Chaosdays 0x8 sind ein jährlich stattfindender Kongress, der dieses Jahr unter dem Motto “Zurueck zum Thema” mit den Themenschwerpunkten Journalismus, Gesellschaft und Technik vom c3f2m Frankfurt, CCCmz (Mainz/Wiesbaden), der Hochschulgruppe Chaos Darmstadt, dem AK Vorrat und weiteren regionalen Gruppen im Rhein-Main-Neckargebiet organisiert wird. Die MRMCDs finden dieses Jahr vom 04.09-06.09.2009 an der Technischen Universität Darmstadt statt. Drei Tage lang werden Vorträge, Diskussionen und ein Hackcenter geboten.

Die Vorträge und Workshops richten sich mit Themen sowohl an die breite Öffentlichkeit, als auch an spezialisierte Interessen. Auf diese Weise soll die wissenschaftliche Anbindung und der Bezug zum aktuellen öffentlichen Diskurs gewahrt werden. Folgende Schwerpunkte bilden das Rückgrat der Veranstaltung:

  • Journalismus
  • Gesellschaft
  • Technik

Darunter fallen z. B.: Wahlmaschinen, Überwachung, Kryptographie, IT-Sicherheit, Biometrie, Vorratsdatenspeicherung, BKA-Gesetz, Elektronische Gesundheitskarte, Auswirkung der Weiterentwicklung von Technik auf die Gesellschaft, Chaos Kultur, Projekt- und Selbstmanagement.