We met at the local coffee shop, tried (and failed) to flash a DC26 badge, and held a mini MohawkCon.
3D Printing Fails
The world of amateur consumer-grade 3D printing is fraught with challenges and opportunities for catastrophic failure.
We were on a pretty good roll for a while, some good large pieces completed nicely, we got the bed leveling procedure down to a science, the system seemed pretty reliable. Unfortunately, purely mechanical systems like this (at its core, 3d printing is just motors and heaters) prefer to revert to chaos. Vibration shakes things loose, and then all bets are off.
In this case, this piece was probably 80% done when the heating element set screw vibrated loose, and then the heating element itself shook itself loose from the extruder block, and then was just dragged around on the bed by its wires until it was discovered about 15 minutes later. You can see the melted areas along the rim where it dragged over those edges repeatedly, and then the melty paths along the floor of the surface where it was simply dragged across the floor. Gorgeous, and not the quickest repair job for the printer either.
Stardate 98195.74 — I have bitten off more than I can chew.
I have yet to even absorb the schedule for Def Con 28 Safe Mode. Don’t even get me started on the Million Channels of Discord. But here I am just the same, in addition to all the mental gymnastics to pump me up for this virtual con, having signed on to participate in a dynamic android debugging CTF remotely at work tomorrow afternoon.
In the process of installing all of the prerequisites, I discover/remember that I had Android Studio 3.1 on this laptop 27 months ago, for. a similar CTF, my first one at this job.
Also, installing Android Studio, plugins, SDK, tools, etc., makes a MacBook Pro a bit… WARM.
WOOHOO, I have a working Pixel 3a XL emulator!
Group Participation Invite for Def Con Safe Mode 28
My plan is to stay home from work on Thursday the 6th and Friday the 7th, and be as fully immersed in DCSM28 as I can be. It’s been an important part of my life these past few years, and I refuse to just pretend it’s not happening, or “skip a year.” It’s obviously going to be a very different experience this year than in prior years, so I’m staying open to that experience.
To that end, I’m planning on monitoring the DC540 Discord throughout the event, while participating in whatever ways reveal themselves.
Please feel free to join in if you’re so inclined.
DEFCON MUD
Are y’all playin’ EvilMog’s MUD yet?
Questionable USBs FTW
I bought some used Def Con USB sticks on ebay. They contain official presentations. I didn’t buy them for the presentations, though — those are available online on Def Con’s media site. I bought them because they are pretty cool Def Con branded swag.
Since I won three separate auctions (DC27, DC26, and one from Blackhat), I got a refund from the seller for a combined shipping discount. When I saw the seller’s name, I did a double-take.
I just bought USB sticks from one of the most well-known hackers on the planet.
This should be fun. And not scary at all.
Defcon badge info
SO the Defcon Badge deep-dive was well-received during tonight’s Zoom, there were some interesting ideas thrown about. For now, we’re collecting everything we figure out about it in the bad decisions discord. If you’re not on that, ask yourself what you’re even doing with your life.
Managing changed SSH keys in CentOS 8
All these years, I’ve dealt with changed SSH keys (you know, you go to SSH into something and you get the “key has changed” error:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
probably because you rebuilt the target server/vm, or you changed an IP somewhere, or whatever) by removing the entry from ~/.ssh/known_hosts. It’s a few annoying extra steps, but it has always worked for me. Call it “old reliable.”
With the release of CentOS 8, everything changes. Known hosts are now managed by sss. Maybe this happened somewhere else and I wasn’t aware of it, but this is how I was made aware of it:
Message as above, along with:
Offending ED25519 key in /var/lib/sss/pubconf/known_hosts:6
Well that’s new. And you can’t delete from that file, because it’s generated behind the scenes and then comes right back. Generated from ~/.ssh/known_hosts, apparently. And nobody wants to enter a new key manually as it suggests. The answer?
ssh-keyscan -t ecdsa 10.120.x.x >> ~/.ssh/known_hosts
(substituting your target IP, of course). Almost worth aliasing “whoopsienewkey” to it with a variable for the IP.
Anyhow, that’s all, I hope you’ve learned something today to make your day easier and brighter.
Defcon28 Badge
Anybody interested in collaborating to investigate the Defcon 28 tape badge to uncover its secrets? Hit me up if you’ve got ideas and cycles.
Hackerspace Bookshelf…
The DC540 hackerspace just got a bookshelf. It’d be pretty cool if it had more titles on it that are relevant to this thing of ours. If you’ve got infosec, hacking, telephony, o’reilly books, etc., you no longer need, please consider donating.