MCH2022 Curated content

Around the world in 80 networks, Hacking Universities Worldwide. ( ...lessons learned at age 15. )

Battery 🔋
Rob Coleman
After finding a 0-day in Canon hardware, we went on a hacking trip around the world. We exploited the hardware in 20 Universities worldwide. We contacted Canon. Talks broke down. Our site got taken down. We learned lessons we didn't expect. We would like to describe the pleasure we had, the problems we faced, the moral dilemmas, and the solutions we found. Also we will include lots of screenshots and perhaps a live demo?
It was a covid-lockdown period, and oversight of homework and education of my son was my responsibility now, so I started with the basics: "...we are not the Protocol Police" ;) https://datatracker.ietf.org/doc/html/rfc8962#section-3.1

We took a hacking "fieldtrip" around the world to all major Universities and some gov facilities. To our surprise we got in, ...and we got root. ... *Evil Grin* Here's what we learned.

We exploited the hardware in 20 Universities, and published CVE-2021-38154 on https://protocolpolice.org [offline now]. See https://web.archive.org/web/20210829053914/https://protocolpolice.nl/CVE-2021-38154_Protocol_Police_Catwalk_Alert ( since takedown by Dutch gov. )

Our site got taken down by Dutch government, for some other fun we'll get to. We have learned lessons we didn't expect. We would like to describe the problems we faced, the moral dilemmas, and the solutions we found.

The gaping hole that Dutch Justice will have to gap, to get to a point where they can start to understand what an RFC means, and how it will overrule Dutch Law any day, ... all year long ;) ( Been there, done that, .... made prosecution eat their paperwork. )

The Dutch gov has got a long road ahead on understanding the internet, where it will have to succeed in 1 of 2 options fast, ...because the Justice Department is losing the battle:

1. Make the whole world respect and acknowledge Dutch Law as a worldwide standard.
2. Adapt its attitude and start RTFM.

...That's an easy 50% chance, ..right? ...place your bets ;)

Also we will include lots of screenshots and perhaps a live demo?

1. Discovery of the Exploit: we were fooling around on Shodan and noticed how the server had multiple ports to the same portal.
2. We tried some big Universities and to our surprise we could get in and edit anything.
3. We did some quick research on how to write an advisory, and where to publish it.
4. We contacted Canon and hoped to work with them, ... not happening.
5. We reserved a CVE, and started lateral movement.
6. We tried to warn sys-admins in Universities worldwide.
7. Moving laterally... "remote cascading"
9. We exploited the * out of a lot of stuff, not fully realising the potential harm.
10. We looked at informing NCSC, here's why we could not talk to them:
11. We started emailing CERTs of other countries, ... they DID respond and were glad of the heads-up before going live with the exploit.
12. Nuclear data,... where to drop that?
13. The takedown, ...Don't Talk To The Police!!!
14. Lessons learned. ( we never even got the f*ckin t-shirt )
15. Questions?

Additional information

Type: Talk
Language: English

More sessions

7/22/22
MCH2022 Curated content
Elger "Stitch" Jonker
Abacus 🧮
⚠️ Warning! This talk may contain hackers. There may be hackers in the room. There may be hackers surrounding the room. There may be hackers recording this. There may be hackers listening in. There may be hackers that exfiltrate data. There may be hackers wearing shirts. There may be hackers carrying spying devices. OH NO! There are hackers EVERYWHERE! What can we do now, except having a party?
7/22/22
MCH2022 Curated content
SETUP, de Transmissie & Rodrigo Ferreira
Abacus 🧮
What do big tech, synthesizers, the crucifixion and Matthäus Passion have in common? Find the answer in the tech performance The Silicon Passion. We’ve all embraced big tech, but is it a warm hug or a strangulation? Bear witness to a debate of biblical proportions between tech nerds, technology and its users. In The Silicon Passion SETUP, in collaboration with de Transmissie (David Schwarz and Derk Stenvers) and Rodrigo Ferreira, is looking for a way out of the pit that technology has ...
7/22/22
MCH2022 Curated content
Clairvoyance 🔮
Lightning talks are 5 to 10 minute quick talks on an interesting subject. They can be with or without slides, and with or without proper preparation. If you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki: https://wiki.mch2022.org/Static:Lightning_Talks
7/22/22
MCH2022 Curated content
Kliment
Hardware Hacking Area 🤖
In this workshop, we will learn how to assemble tiny parts on circuit boards by building an electronic touch-activated purring kitten. Anyone can do it. Yes, even you who never touched anything electronic before. Takes 120mins, 20€/kit, avoid caffeine immediately before. Max 10 participants per session, sign up on PAPER at the Hardware Hacking Area.
7/22/22
MCH2022 Curated content
Mikko Hypponen
Abacus 🧮
This is a submission for a keynote talk at MCH2022. The Internet is both a familiar, comfortable place as well as a bottomless rabbit hole you can lose yourself in. The Internet has always been like this from its inception, the difference now is the scale and consequences are almost immeasurable - and it tests the limits of human imagination. When you look into the mirror of the Internet what you see reflected back depends on what you are looking for. It has become largely a reflection of ...
7/22/22
MCH2022 Curated content
Bjarni Rúnar Einarsson
Battery 🔋
Have you ever forgotten a passphrase or lost a hardware token? Lost access to enough Bitcoin to buy a pizza or two? Encryption is fundamental to securing our liberties, but key and password management remain difficult even for professionals, let alone the general public. This talk presents Passcrow, an Open Source project attempting to address one of crypto's largest usability issues: password and key recovery in a decentralized environment.
7/22/22
MCH2022 Curated content
Battery 🔋
Thanks to DNSSEC and DANE, it is possible to automatically verify user@domain.name identities by checking with domain.name servers. The real problem however, is integration with existing protocols, instead of inventing something completely new and perhaps web-only. The purpose of our work on Realm Crossover mechanisms has been to design generic solutions that extend many different application protocols, without changing their protocol specs.