I have been meaning to checkout all the latest 2014 infosec conferences, but havent had time. Don't know how in world I missed these!
take a look at the fantabulous archive.org:
Controlling USB Flash Drive Controllers: Expose of Hidden Features Richard Harman
https://archive.org/details/ShmooCon2014_Controlling_USB_Flash_Drive_ControllersQuote:
With stories of "BadBIOS" infecting PCs simply by connecting a malicious USB flash drive to a PC, it's time we learned about flash drives and their controllers. Consumer USB flash drives are cheap, growing in capacity and shrinking in physical size. There are only around 15 prominent controller chip manufacturers whom you have never heard of, but OEM for all the popular and respected "name brands" on the market. These flash controllers have capabilities that aren't mentioned on product packaging, and can be enabled with programming you will learn during this presentation. These flash controllers can be *reprogrammed entirely* via software to do whatever you want.
Turn an old flash drive into an emulated CDROM or a CDROM + flash drive. Update the controller's firmware, disassemble it, etc. This talk will touch on the various controller manufacturers, features, and show you how to leverage them for yourself. Why spend $100 on an old SanDisk[tm] U3 Cruiser when you can spend $4 for the same features?
Richard Harman is an incident responder at SRA International's internal Security Operations Center, where he slings Perl code supporting incident response and performs analysis & reverse engineering of targeted attack malware samples. He writes and releases scripts in support of his work on github at
http://github.com/warewolf. Outside of his day job, he can be found hacking on projects at the Reston, VA hackerspace Nova Labs
http://www.nova-labs.org.
This movie is part of the collection: Shmoocon 2014
Producer: Richard Harman
Everyone needs to sniff USB at some point. how about NOT spending thousands on the usual USB debuggers:
An Open and Affordable USB Man in the Middle DeviceDominic Spill
https://archive.org/details/ShmooCon2014_An_Open_and_Affordable_USB_Man_in_the_Middle_DeviceQuote:
With the introduction of FaceDancer, there has been a surge of interest in USB security. USBProxy is an open framework for the BeagleBone Black to make it simpler for anyone to monitor, inject or modify data carried over a USB connection. While the FaceDancer will allow devices to be written on a host system, we are able to go further and man-in-the-middle connections to existing devices as well. The BeagleBone Black also enables us to operate at USB 2.0 Hi-Speed.
Dominic Spill has been building Bluetooth packet sniffers since 2007; he now works on Ubertooth and Daisho among other communications sniffing projects.
This movie is part of the collection: Shmoocon 2014
Producer: Dominic Spill
And you might have your own opinions about the stuff put out by Scott Moulton, but how many people are actually putting out anything? He works hard and talks hard and is generous with the info. I find it is always better to have read/watched something than to not.
You Don't Have the Evidence Scott Moulton
https://archive.org/details/ShmooCon2014_You_Dont_Have_the_EvidenceQuote:
Forensic imaging tools have one purpose, to soundly copy every sector on a device to a destination device and report success or failure without changing data. In the last 20 years most forensic imaging tools have not progress and continue to use the same basic code for imaging a drive. When encountering damage many of the tools have no ability to deal with the damage and quit, crash, or worse; do more damage to the drive they are trying to recover from. Imaging damaged drives are where forensic tools are delivering the most disappointing results.
Data Recovery tools and skills are important when acquiring the data from damage disks, but also understanding what you are not getting when imaging a forensic job is just as important. There are special ways to access the data, the controller on the hard drive, repair the damaged boards, and even to adjust heads by turning off damaged ones, copying all the data from the good platters before dealing with the damaged heads. Data recovery imaging tools have some very advanced functions and capabilities for imaging damaged hard drives and damaged sectors that forensic tools are incapable of finishing. I will be discussing these different techniques and the errors exhibited by the drive and sectors to better help understand what you are missing and why.
Scott Moulton is known both for his trademark 'Forensic Unit' hat and his unholy knack for finding new data recovery techniques the other experts don't want you to know. Scott is owner of both My Hard Drive Died.com and Forensic Strategy Services and fills his days recovering data from all kinds of storage devices, testifying in court, and teaching others to do data recovery. Scott teaches a full 5 Day Forensic Bootcamp Data Recovery Class that includes advanced repairs of badly damaged drives and all the tools used by Data Recovery and Forensic shops. Scott's DIY videos are on
http://www.MyHardDriveDied.comThis movie is part of the collection: Shmoocon 2014
Producer: Scott Moulton
FAQ
Search
Login
Register
HDDGURU FILES
