Sep 01, 2013
 
ISACA Atlanta Geek Week

The 6th annual Atlanta Chapter of ISACA GEEK WEEK conference was held the week of August 19 – 23, 2013. GEEK WEEK is a track-oriented, full week Conference focusing on providing training, networking, and roundtable sessions on IT governance, audit & security.

I conducted the presentation Compliance Based Penetration Testing: You’re Doing it Wrong. You can find the presentation slides here. For links and information on the other presentations you can go here.

Jun 20, 2013
 

From the site:

“Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.”

Presenter: James Edge – Mainstream Security
Title: Show and Tell: Super MiniPwner
Abstract: The TP-Link WR703N is a low cost wireless access point that has replaced the venerable Linksys WRT54G as the most popular device to crack open and tinker with. Many project tutorials have sprung up on how to hack this device from a hardware and software perspective. One such project is the “minipwner” coined by Kevin Bong with his site www.minipwner.com. This talk builds off of that concept by trying to upgrade and implement as many features as possible while still keeping the original case. Why the original case? Because I said so. We double the RAM and flash storage, add a USB hub, USB SD card reader storage, USB to Ethernet port, serial port over USB, and finally we have integration with the Teensy so you can run keyboard commands remotely over WiFi. I call this device the very original name of super-minipwner.

Slides from the presentation are here.

Conference videos, courtesy of Adrian “Irongeek” Crenshaw (www.irongeek.com), are here.

Direct link to my talk here.

Oct 21, 2012
 

From the site:

“Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.”

Presenter: James Edge – No Affiliation
Title: Show and Tell: Custom Power Pwn
Abstract: The people over at Pwnie Express are coming out with a neat device called the Power Pwn. This device follows up on the Pwn Plug and the PwnPhone. With my experience as a penetration tester and junior hardware hacker, I’ve been working on my own “pwn” hardware. I combined the PCEngines Alix 6f2, an APC BE650R Battery Backup Power Strip, and a battery Power Pack for a Custom Power Pwn. I integrated the Alix connectors for the serial, Ethernet, and external antenna connectors with the existing APC coax, RJ45, and RJ50 ports. This talk is a show and tell on what I did and how anyone who is a fan of hardware hacking can do this themselves.

Slides from the presentation are here.

Conference videos were never posted on the BSides site, but I managed to obtain the video for my talk.

Direct link to my talk here.

 

Oct 10, 2012
 

I don’t feel that this issue gets enough coverage, so I am adding my voice to the mix in the hopes that someday the makers of our popular mobile operating systems will FIX THE ISSUE! What I’m going to discuss is a wireless association vulnerability that was first discovered by Max Moser (site here and his full disclosure) way back in 2004 for Windows XP. Using airbase-ng (part of the Aircrack-ng suite of tools), this same attack works against the latest versions of iOS5 and iOS6 (iPhone and iPad), BlackBerry OS, and Android. Apple’s iOS, from AT&T Wireless, even comes with a helpful default profile so you can attack a device right out of the box (see Tweet by HD Moore). The only mobile OS that does not have this issue is Windows 8 on the new Nokia phones. I don’t know a soul that has one of these phones, so I hung out in an AT&T Wireless store to conduct my testing. Those Microsoft devices will not associate with any airbase-ng APs that mimic APs from the device’s probe packets. Some individuals have tried to tell the world about this issue. A great YouTube video was created by Jeffery Wilkins demonstrating this issue. Vincent Costagliola at patctech.com wrote this article mentioning the same issue.

My testing has shown that an iPhone will connect to airbase-ng even if it is already connected to a WPA encrypted access point, just as described by Max Moser in 2004.

Posted at 6:32 pm
Aug 23, 2011
 

Atlanta Chapter of ISACA GEEK WEEK 2011

The 4th annual Atlanta Chapter of ISACA GEEK WEEK conference was held the week of August 22nd – 26th. GEEK WEEK is a track-oriented, full week Conference focusing on providing training, networking, and roundtable sessions on IT governance, audit & security.

I conducted the presentation Wireless Auditing on a Budget:  Using Low Cost Hardware and Open Source Software.  You can find the presentation slides here.  For links and information on the other presentations you can go here.

1.21.2014 – Since the Atlanta Chapter of ISACA website has changed, the presentations can only be found on the Internet Archive, where I updated the link above. I also went and downloaded all the presentations available and provided them here.

Jan 25, 2011
 

Earning CPE credits in a down economy for your Information Security certifications.

As we enter 2011, the financial talking heads say that our economy is recovering. While this can be debated as vigorously as Vi vs. Emacs, you sit in your office with the knowledge that your company’s training budget is still next to nothing. Trips to information security conferences in Las Vegas, Miami, and Orlando are all out of the question. With all of the information security certifications that you have obtained to keep competitive in this tough economy, you are required to earn Continuing Professional Education (CPE) credits. Below I will list some simple steps you can take to still keep current on the latest security trends while earning those valuable CPE credits to maintain your certification(s).

Apr 17, 2010
 

NA CACS conference hosted by ISACA (18-22 April 2010)

Remote Security Testing for Web Applications
Presented by David Rhoades
Maven Security Consulting

Attending this conference workshop session introduced me to Maven Security’s Web Security Dojo. This is an Ubuntu-based virtual image that includes several free and open source tools used for web application auditing. The image also includes web application environments that are vulnerable to many common vulnerabilities to allow you to test and learn how to use the tools. This pre-configured environment is perfect for educational purposes. They also include a BASH script that will set up your own Ubuntu environment.

Oct 21, 2009
 

Take this hypothetical scenario (Okay, it really wasn’t hypothetical at the time).  You recommend to your client that minimum 8 character passwords should be enforced but they want a minimum of 6 character passwords and instead they will enforce password complexity (alphanumeric and special characters).

As auditors, we like to have facts to back up our recommendations. What better fact than simple math?

Password strength in relation to the number of guesses an attacker needs to brute force the password is represented by the number of characters available to choose from raised to the power of the length of the password.

Dec 02, 2008
 

Core Technologies hosted a series of three webcasts called Penetration Testing Ninjitsu by Ed Skoudis (http://www.coresecurity.com/content/webcast-series-with-sans). I highly recommend listening to these webcasts and downloading the slides for your reference. I’m including the commands extracted from the slides that can be very useful for a penetration test.