23C3 – Brain Overflow Mitigation

Die Aufnahmefähigkeit des menschlichen Gehirns ist doch sehr begrenzt und so kommt es beim Besuch einer Messe oder einer Konferenz wie dem 23C3 schnell zur Überlastung. Die Halbwertszeit des aufgenommenen Wissens sinkt dann sehr schnell auf unter 30 Minuten. Aus diesem Grund habe ich mich zur möglichst schnellen Aufbereitung der Vortragsinhalte – unter anderem mit diesem Blog – entschlossen.

Ich bin echt begeistert vom bisherigen Verlauf des 23C3. Die Organistation ist gut und bisher scheint alles glatt und ohne Zwischenfälle zu verlaufen.

Today I had a few minutes of spare time and coded my first test program in Groovy, which uses GSQL and Groovy closures to access an Oracle database via JDBC:

import groovy.sql.Sql;

def my_id = 3;
def sql = Sql.newInstance("jdbc:oracle:thin:@localhost:1521:XE",
            "DS2", "DS2", "oracle.jdbc.driver.OracleDriver");

println("Printout all Products:");
sql.eachRow("SELECT prod_id, title from products order by prod_id") {
    println("${it.prod_id}, ${it.title}");

println("Printout Product with Prod_id=3:");
sql.eachRow("SELECT prod_id, title from products where prod_id = ${my_id}") {
    println("${it.prod_id}, ${it.title}");

I am really impressed by Groovy. Nice scripting language and if you know Java it is quite easy to get started! But be careful with it. The power of that language comes from heavy usage of OO techniques like Introspection and Reflection. Extensive usage can make a program quite slow. So it is up to you and your requirements…

Yesterdays presentation on „JSON RPC – Cross Site Scripting and Client Side Web Services“ by Steffen Meschkat gave some inside information of the Google Maps API. He described in depth their approach with is very similar to an XSRF attack. They create SCRIPT-Tags on the fly to circumvent the same origin policy.

Again my stack for today:

23C3 – The Beginning

Die Faszination im IT-Bereich liegt mitunter darin das es quasi jeden Tag etwas komplett Neues zu entdecken gibt. Diesem Leitsatz folgend gab es gleich am ersten Tag des 23C3 eine geballte Ladung an neuen Themen.

Im ersten Vortrag von Rechtsanwalt Peter Voigt ging es um die Neufassung des deutschen Strafrechtsparagraphen 202c. Der Vortag war insofern interessant als das bereits bekannte Fakten nochmals für den rechtlichen Laien aufbereitet dargestellt wurden. Die Einführung dieser Änderung wird jedenfalls erhebliche negative Auswirkungen auf die Arbeit im IT-Security Bereich haben.

Sputnik RFID
The picture above shows the active RFID tag of the CCC Sputnik Project. The Sputnik project
is an self made location tracking system. The tag consists of an micro-controller and an NRF24L01 RF-IC. The location tracking is based on transmitting the tag ID with 5 different power levels and software based correlation of several readers.

In the next talk „Fudging with Firmware“ the speaker mainly focused on how to get started with an firmware image file – like you get it from your DSL-Router vendor.His tool UWfirmforce looks really interesting:

[frank@t01 UWfirmforce-0.0.1]$ wget http://www.uberwall.org/releases/UWfirmforce-0.0.1.tar.gz
[frank@t01 UWfirmforce-0.0.1]$ tar -xzvf UWfirmforce-0.0.1.tar.gz
[frank@t01 UWfirmforce-0.0.1]$ cd UWfirmforce-0.0.1
[frank@t01 UWfirmforce-0.0.1]$ make
make[1]: Entering directory `/tmp/UWfirmforce-0.0.1/plugins'
cc -W -fPIC -Wall -g -O2 -c ar.c


cc -o UWfirmforce UWfirmforce.o plugin.o  
UWfirmforce.o: In function `UWfirmforce_dlerror':
/tmp/UWfirmforce-0.0.1/UWfirmforce.c:298: undefined reference to `dlerror'
collect2: ld returned 1 exit status
make: *** [UWfirmforce] Error 1
[frank@t01 UWfirmforce-0.0.1]$ cc -o UWfirmforce UWfirmforce.o plugin.o -ldl
[frank@t01 UWfirmforce-0.0.1]$ ./UWfirmforce -v wgt634u_1_4_1_10.img | less

Analyzing file: wgt634u_1_4_1_10.img
Matching GZIP signature #0 at offset 26788
compression deflate, flags FNAME, 06/04/2005 07:27:46, OS Unix
Score: 100%

Matching CPIO signature #1 at offset 90769
binary big-endian, uid 21197, gid 19184, 16/06/1952 00:54:47
Score: 0%


The talk „Java wird Groovy“ was even more interesting. It was an short but quite good introduction to Groovy. The final talk of the day about the OpenXPKI project made references to the tools sscep and CertNanny which you should definitely checkout if you have to deal with SSL certificates.

Like yesterday my stack of talks for tomorrow:

23C3 – The Arrival

23C3 Berlin Central Station

Ich bin gerade mit dem Zug in Berlin angekommen um – wie jedes Jahr 😉 – am Kongress des CCC teilzunehmen. Ein ganz besonderer Gruß geht an dieser Stelle an meine Freundin Kerstin, die leider aus beruflichen Gründen nicht mit nach Berlin kommen konnte.

Hier schon mal mein „Vortrags-Stack“ für den ersten Tag:

22C3 is coming up

Wow, the end of 2005 is coming, so – same procedure as every year 😀
In my case that will be the 22nd Chaos Communication Congress. Just finished booking the train ticket and hotel.

22C3 Logo

The line-up of interesting talks is quite overwhelming this year. There are a lot of talks about buffer overflows and related topics – I am very curious about new approaches and developments concerning that craftwork…

The degree of collateral damage for this years congress will also be very amusing :-D. Last year we got a mass defacement for over 18.000 websites. Well nothing spectacular, but it hit the news and makes up the reputation…

If you are interested in digital life and/or computer security you may want to check out the 22C3 webblog or the schedule.

You also attend the 22C3? If you like get in touch with me… I am always happy to meet new and interesting people.

21C3 Video Recordings

Wow, it finally happend – the video recordings from the 21th Chaos Communication Congress are in the Torrent! Just have an look at the offical BitTorrent tracker.

Well I have my own list of favorite talks:

  • 013 The Art of Fingerprinting
  • 019 Verdeckte Netzwerkanalyse
  • 057 SUN Bloody Daft Solaris Mechanisms
  • 070 Fnord-Jahresrueckblick
  • 074 Hacker-Jeopardy
  • 097 Das Literarische Code-Quartett
  • 105 Honeypot Forensics
  • 109 Anti-Honeypot Technology
  • 123 Gentoo Hardened
  • 146 Mehr Sicherheit fuer HostAP-WLANs
  • 176 Passive covert channels in the Linux kernel
  • 308 MD5 To Be Considered Harmful Someday

To play the videos I had to make some small adjustments to mplayer. The AVI-Files use H.264 as videocodec and AAC (MPEG4) ID 0x706D as audiocodec. To get the audio I had to register libfaad2 for the ID 0x706D to hear the audio within mplayer. But that was all I had to do.