Dailydave mailing list archives
RockyCon '05 - a report - reloaded
From: <antoheri () hushmail com>
Date: Tue, 5 Jul 2005 19:50:08 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Due to Hushmail's lack of newline support..we bring you..RockyCon '05 -- the formatted edition. RockyCon '05 ============ What follows is an eyewitness account of a con that has set new standards for every other con out there. The largest underground party ever thrown on the face of this planet. RockyCon 2005. On July 1st a massive contingent of blackhats, sellouts and ex-cons landed in an undisclosed location in the deep woodlands of Michigan. Meaning, American flags, Jesus is Lord t-shirts, and promises of hell on bumperstickers for various activities ranging from coathanger gymnastics to sodomy. Friday's pre-con activities included stealing microwaves from renowned martial arts experts, the unveiling of nachOS..an injectable mini-OS that looks like it'll raise the bar on backdooring standards, and a handson sigint workshop involving a rather impressive display of boys-will-be-boys mentality within the global intelligence community. Allthough the specifics of the main event are still somewhat clouded in a haze of pigfat and alcohol, I'll try my best to recapture the essentials. After being transported from the pick up point to said undisclosed location, we were introduced to Marty the Pig. Marty the pig was originally intended to alert the con organisation of any intrusion attempts. But due to it's high rate of false positives we got sick of Marty fairly quickly, so we decided Marty'd serve better as the main focus for the con's 'deep auditing' track, at the end of which we were left with 150 pounds of pig, stuffed with chicken and brattwurst, and plenty of bugs. Also, vegans suck. It took about 7 hours for Marty to cook, during which everyone chipped in to set the stage for the main event. Tent pitching techniques were pioneered and implemented, tables set up , and presentations prepared. Then we peeled garlic for 4 hours. Which, I have to say, was very zen. As dusk set in, the firepit was lit and it was time for RockyCon to go into full swing. One of the main tracks focused on 'secure by default cap settings in trusted computing environments', and introduced something that was described as the 'bottle lever' technique. After everyone had a go, the true potential of these advances in cap abuse became quite apparent and it didn't take long before a bunch of people applied it in the wild with an overwhelming successrate. The presenter of this track was later credited with advancing the art of default anti-bush tirades, egged on by a Kevin Smith look and act-alike dubbed 'Silent Rob'. He also got shot down by the chick with the nipple bling, even after hooking her up with a personal demo of blever.c. Poor guy. There were several sidetracks, presented on a massive projection screen which provided a nice contrast with the surrounding woodland. Highlights here involved a variety of zombie-flicks and listening to Eric Hines explain how he had a patch and that it wasn't the crypto over a trance soundtrack. Followed by the chick with the nipple bling busting into a "USA, USA.." chant combined with a slow-clap. Advances right there. Then of course there was the axe-throwing track (aimed at showing how robust the firedoor implementation was in preparation for Sunday's demonstration). The getting-abso-fucking-shitfaced track was the most popular track of the evening, which resulted in a lot of drunken gorging involving smores and pigmeat. Someone even got pregnant apparently. After mixing it up with the local research community the firepit was fired up some more, and there was a massive cumbayah-vibe felt by all. Even by the emo-kid with the checkered shoes. Hours of massive drunkeness, ethics roundtables, various interesting phonecalls to pillars of the hacker community, toad appreciation, and lugging a 5000 pound cooler back to the hotel for no apparent reason, later, it was time to turn in and put out. The mornings at RockyCon consistently featured a massive display of farting, swearing, and cognac bottle holding by AcidReflux. His strong teeth and jaws were also impressive. Thus came the 3rd day of RockyCon. Sunday. This day was more focused on demos and got kicked off by sitting around severly hungover for a few hours wishing death would come quickly. But as our brains slowly re-hydrated it was time for a panel discussion involving an attack dog and Marty the Pig's head. It was concluded that attack dogs and pigheads go well together. As dusk set in, the last set of talks and demos got underway. Highlight of the evening was the FireDoor demo, which was presented with an utter disregard for the law. From the slides: 'the firedoor is a privately developed technique credited to GOBBLES Security, aimed at reaching high hanging fruit.' Very fruitful indeed. Followed by a demonstration by the con's organiser in log maintenance and corn-shell techniques. Then there was more drinking rounded out with an aluminium smelting class. Also demonstrated was the reliable exploitation of a new bugclass dubbed 'malloting'. Many bugs were squashed in the process and penetration was tested succesfully. Then followed the extreme sports demo where again it seemed as the guy was lacking any reverence for the law, and burned it up on a skateboard. RockyCon was officially closed by a ritual burning and the looping of an inhouse musical production leaked from a large security company. There was dancing and firewalking. Ultimately resulting in a fire that only got more pissed off when you threw water on it. Luckily we had a pitmaster who wielded a pitchfork with complete disregard for the law to keep the inferno at bay. Many thanks to Rocky for throwing one fuck of a party. Here's some quotes: =================== "(-after throwing up violently-) Anyone wanna kiss me? :D" "String is like..loads of fun" ... "*ouch* Strings are dangerous!" "It's too bad your dog is a souless killer, otherwise we might be able to touch it" "Down Cujo, down" "Damn, this smells like aluminium hydroxide mixed with magnesium hydroxide and some simethicone." "(-2 attendees who shared a room-) Did you ever play spoons?" ... "Yeah, just last night, ya fuck." "o m g" "w t f" "(-to chick with nipple bling-) Dude you're totally wearing that to draw attention to your tits" ... "am not." "Yeah I founded that bonfire." "(-to local inhabitant of Dawson's creek like Town-) You do realise you're the Pacey to her Dawson, right?" .. "What did you call me!?" "If it's burning blue it means it's over 1500 degrees" ... "Hehe, look, it's blue :)" "You just called me gay didn't you?" ... "and retarded :D :D" "Oh no this isn't *****'s Microwave, I stole it from the martial arts place next door... :D" "(-between two people discussing how to drain blood from Marty-) I guess we could siphon the blood out." ... "or! if we elevated the pig I think we can use a tube and suck on it until the blood starts to come out, on like..an elevation" ... "dude..." Lessons learnt: =============== Throwing an axe at a firewall implementation is harder than it looks. Trying to make hippies in tie-dye shirts become aware of their surroundings is harder than it looks. Breaking a pig's backbone is harder than it looks. Shoving garlic into a pig's eyeball is harder than it looks. Trying to get rid of the enormous birds of prey attracted by burning pigfat on a +1500 degrees fire, is harder than it looks. Lifting 150 pounds of dead pig is harder than it looks. Trying to entice an attack dog to furiously attack a pig's head is harder than it looks. Writing demos that don't bluescreen Windows XP is harder than it looks. Trying to keep a drunk whitehat from cuddling up to you in the shared hotelroom is harder than it looks. Tricking the chick with the nipple bling to take you home is harder than it looks. Trying to piss off the local police force is harder than it looks. Trying to build fire with nothing but some chocolate and a soda can is harder than it looks. -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkLLRooACgkQeHRnt5iEABwHewCfauvNIU+nbuWWY0YVv4uk3L3/NxsA n2fk+AXxCyhwddPOioyHWr+1KO3q =1l1H -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- RockyCon '05 - a report - reloaded antoheri (Jul 05)