Randomdata will be present next week at the Hack in The Box Haxpo, you will find us at booth number 43. In the past few months Ardillo and Fish_ and a bunch of volunteers have been working on a project called Project-S for HITB. The “S” stands for
Secret, Supercool, Strange, Special and a lot of other “super” words.
During one of the HITB NL core crew meetings we spoke about doing
“something extra” for the fifth Amsterdam edition of the HITB security
conference and to mark the first ever HITB Haxpo and after an evening of
brainstorming we knew what we wanted.
What is Project-S?
Project-S is an Über Badge
we created for Hack in The Box / Haxpo 2014 Amsterdam – a fully
functional Arduino with some extra features thrown in for extra hacky
So what are these features?
The HITB Crew will have a badge with all components on-board
including some wireless communications – it also contains some LED’s as
well and after the conference you can use it as a regular Arduino
What? Only the HITB crew gets a badge?
NO! We have badges for sale at the Randomdata booth (NL-043)! Be sure you get it fast though because we have only 133.7 badges to sell!
We have fully completed badges as well as badges that require you to
get your soldering hackf00 on! Don’t know how to solder? Worry not, as Mitch Altman is on hand right next door (NL-044) to teach you how!
Can I pre-order a badge then?
Can I see it now?
We’ve done even better – check out this video!
After the conference we might release some more goodies for the badge
for you to expand its functionality further. Got an idea you think we
should implement? Stop by the Randomdata booth
What can we do at the Randomdata booth? - Solder your own HITB / Haxpo Badge
- Buy your own badge and goodies
- Learn how the project works
- see what projects where done by Randomdata in 2013/2014
- 28th May 16:00 at the Haxpo track we will tell you in 30 minutes who we did managed project-S
So where are you waiting for, come over to the Haxpo!
Randomdata was invited again to join this years Hack in The Box' commsec village.
This years Commsec village consisted out of various hackerspaces but also some other communities like OWASP Netherlands, OHM2013 and Nikhef.
A wide range of hardware was available in the villages including 3D printers, Alarm systems, Old computers, LED's, OWASP rockets (grr!) and much, much more.
On the media side the Commsec village was a popular place to take photos, also the Dutch television was enjoying the hacky environment. HITB came in the news a lot with subjects but of course most media was interested in "old DDOS news", I'm glad we could convince them there where better subjects! You can find items on CNN, RTL Nieuws, Nieuwsuur but also the newspapers/sites had more then average attention for all the hackers.
The CTF was inspired by the game Pole position, the title was PWN position and the scoreboard was a racetrack!
One of the challenges at the CTF was supplied by Randomdata, we used one of the wireless alarms where we added a wireless sniffer and transmitter to. The challenge was to sniff the wireless signal, decode the pulses and find the "code" of the system. The easiest was to check the Randomdata wiki but the alarm was "anonymous" so it wasn't that easy. Second way was to sniff a "on" and "off" code, compare them and BOOM!
There were a lot of great talks this year; talks about aircraft hacking, failing customs, how Canon cameras can be used as spycams, and of course great keynotes!
For The Netherlands there where some hi-impact ones too:
*Wilco Baan Hofman, a friend of Randomdata and Bitlair member, was presenting a talk about alarm protocols (remember HITR2NDB?)
*Blasty presented a leak in KPN routers, I do have to say they fixed it fast and I liked their response :-)
You can find a copy of the slides at the
All in all another great HITB conference, let's hope 2014 will bring one as well!
On the 8th of this month it was time again for a real Hack In The Random 2600 NL Data box, the joined forces between Randomdata, Hack In The Box and 2600NL. 30 Invited attendees were able to gain the latest 1337 information from a great list of speakers. ...
The opening was done by DrWhax and Fish_ (who else :), announcing the future activities and wrapping up the last 10 months. For starters there was an update on Video Surveillance by Dave van der Poel, a nice overview about the current activities and possibilities on video surveillance. For the most of us it was, yet again, an acknowledgement of technology which can do more, gather more information and, if used wrong, be a dangerous tool for privacy. Next talk was done By Wilco Baan Hofman, he played enough with the SIA-HS alarm IP transmit protocol and cracked it, well, cracked... let's call it XOR. Next up was the coffee break and a lot of Clubmate clips where 3D printed so nobody lost his own bottle of Mate. Fresh and mate'd up, we started the live hookup of Spacenet of Randomdata by AK47. And, of course, it worked out of the box. After that it was time for some more heavy "shit", Blasty compiled a nice story of patching of binaries in memory. He didn't took the most easiest one. No, no, he had chosen a little nightmare called openssh. It worked out in a successful acceptance of his Pub key in the deamon, impressive stuff if you know what kind of hacks he needed. To finish the heavy stuff Aczid had a nice story about ELF binary debugging and anti-debugging, let's bring /proc/ a bit in to confusion! :D
To close the event we asked Winn Schwartau to give us a nice, inspiring talk, one of his main messages I remembered is about putting the right guy on the job. We (the people's) are often making the big mistake of putting a guy/girl on the job who fit the company profile, but what if he/she is autistic? Or has ADHD? No, we should first think about the quality and not focus on how strange somebody is. And let's be honest, aren't we all a bit strange? :D