Def Con 27

This is the third and final part of my series on my trip to Hacker Summer Camp 2019 in Las Vegas. Follow the links to read about my thoughts on the Strip and my time at Black Hat USA.

Where to start…? Def Con 27 was amazing – perhaps even a life-changing experience. The annual hacker conference-cum-party took all of the cool things I normally only find in weird places on the internet and brought them together in the real world in a selection of themed rooms spread throughout four Las Vegas hotels. There was so much going on that it was hard to choose what to do. I ended up spending roughly half my time exploring and the other half listening to talks, either in the villages or on DCTV in my hotel room.

On the exploration side, my favourite places were the Blue Team Village (mainly because it was full of “my people” and the most closely related to my work) and the Packet Hacking Village. The latter is home to the famous Wall of Sheep, which displays the usernames and passwords of less security-conscious attendees plucked from the airwaves, and though I didn’t have a laptop with me to get too technical, spending time observing and thinking about the possibilities has inspired me to brush up on my networking knowledge.

You’ll have to make do with my programme and badge, as photos of attendees are frowned upon

On the talks side, some of the most interesting sessions involved evading increasingly popular endpoint detection and response tools (either with some sneaky dynamically loaded code on Linux or with some cleverly crafted UEFI variables) and repurposing existing malware for other uses (which increases the chance your attack will be attributed to its nation state developers if discovered). And the Social Engineering village hosted some nice non-technical talks on subjects like OSINT and impostor syndrome, too.

Add to all of this the social element of Def Con, including arcade parties, hacker Jeopardy, and #BadgeLife – see my Instagram account to check out my small haul – and you have a memorable weekend that’s given me the energy for my next few months of coding and experimentation. I said before that I can’t really see myself returning to Las Vegas in future, but if I ever do, it’ll definitely be to go back to Def Con.

The joy of logging

Logging is the unsung hero of software development. At best it’s viewed as functional, and at worst it’s seen as a chore to implement and clutter in the working directory. But to me, there are few better tools to debug code in development, monitor for issues, and identify security incidents – and the bigger the repository for investigations, the better.

I recently finished implementing a basic logging system for a home project I’ve been working on this year. It’s very simple – at the beginning and end of each task the code calls a logging function and records what it was doing and whether it was a success or a failure. Still, the results have been invaluable in understanding crashes and issues ever since.

There’s a strange satisfaction to be found in gathering and filtering logs

I’d never done much log manipulation in the Linux command line before, either, always having had access to more sophisticated tools. After doing some digging (read: Googling), one of the biggest weapons in my arsenal is now the column command, which can read CSV files into neat tables, making them a lot easier to read in the terminal.

Combined with grep, it’s a powerful tool for searching a directory full of log files and displaying the results in a nice format. For example, I can search my logs for the word “Failure” to see any times where an action went wrong – perfect when you’re testing an application that’s designed to be run for long periods of time without interruption.
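The grep-plus-column search described above, as an added example that is not code from the original post. The CSV layout (timestamp,task,status), the file names and the function names are assumptions, and the sample rows are constructed. It anchors the match on the status column, because a plain grep for "Failure" also hits task names that merely contain the word.

```bash
#!/usr/bin/env bash
# Added example. The CSV layout (timestamp,task,status) and the file names
# are assumptions; the sample rows below are constructed.

# Build a small constructed log directory so the example runs offline.
make_sample_logs() {
    dir=$(mktemp -d)
    cat > "$dir/app-2019-08-10.csv" <<'EOF'
2019-08-10T09:00:01,fetch_feed,Start
2019-08-10T09:00:03,fetch_feed,Success
2019-08-10T09:05:00,parse_feed,Start
2019-08-10T09:05:02,parse_feed,Failure
EOF
    cat > "$dir/app-2019-08-11.csv" <<'EOF'
2019-08-11T02:00:00,retry_after_Failure,Start
2019-08-11T02:00:04,retry_after_Failure,Success
2019-08-11T02:10:00,send_report,Start
2019-08-11T02:10:09,send_report,Failure
EOF
    echo "$dir"
}

# Print rows whose status column (the last field) equals $2, as
# file,timestamp,task,status. $2 is assumed to be a plain word, since it is
# used inside a regular expression. Anchoring on ",STATUS$" skips rows where
# the word only appears in the task name.
find_status() {
    ( cd "$1" && grep -H -- ",$2\$" ./*.csv | sed -e 's|^\./||' -e 's/:/,/' )
}

# Render the matches as an aligned table with column; if column is not
# installed, fall back to printing the raw CSV.
show_status() {
    { echo "file,timestamp,task,status"; find_status "$1" "$2"; } |
        if command -v column >/dev/null 2>&1; then column -s, -t; else cat; fi
}

logdir=$(make_sample_logs)
show_status "$logdir" Failure
```

On the sample data an unanchored `grep Failure` returns four rows, two of which are the `retry_after_Failure` task starting and succeeding; the anchored search returns only the two real failures.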