List of Security Conferences


I wanted to have a list of all the security conferences around the world for a quick reference so I compiled together a list.

DefCon http://www.defcon.org
BlackHat http://www.blackhat.com/
shmoocon http://www.shmoocon.org/
ToorCon http://www.toorcon.org/
you sh0t the sheriff http://www.ysts.org/
Hack.lu http://hack.lu
WOOTCon http://www.usenix.org/event/woot08/
Source Conferences http://www.sourceconference.com/
InfoSecurity Europe http://www.infosec.co.uk/
SyScan http://www.syscan.org
CONFidence http://confidence.org.pl/
CEICConference http://www.ceicconference.com/
RSA Conference http://www.rsaconference.com/
CanSecWest http://cansecwest.com/
EUSecWest http://eusecwest.com/
PACSec http://pacsec.jp/
BA-Con http://ba-con.com.ar/
Hack in the box http://www.hackinthebox.org/
Clubhack http://clubhack.com/
Xcon http://xcon.xfocus.net/
T2 Conference http://www.t2.fi
LayerOne http://layerone.info/
Owasp Conference http://www.owasp.org
DeepSec Conference https://deepsec.net/
FrHack conference http://www.frhack.org/
Shakacon http://www.shakacon.org/
Secrypt conference http://www.secrypt.org/
HackerHalted Conference
SecTor Conference http://www.sector.ca/
Microsoft Bluehat http://www.microsoft.com/technet/security/bluehat/default.mspx
ReCon http://recon.cx/
Hacker space festival http://www.hackerspace.net
RAID Conference http://www.raid-symposium.org/
Sec-T Conference http://www.sec-t.org/
BruCon http://www.brucon.org
DIMVA Conference http://www.dimva.org
SeaCure Conference http://seacure.it/
ColSec http://www.univ-orleans.fr/lifo/Manifestations/COLSEC
Auscert http://conference.auscert.org.au
RuxCon http://www.ruxcon.org.au/
uCon http://www.ucon-conference.org/
Chaos Communications Congress http://www.ccc.de/
Bellua Cyber Security http://www.bellua.com/bcs/
CISIS Conference http://www.cisis-conference.eu/
ATC Conference http://www.ux.uis.no/
NDSS Conference http://www.isoc.org/isoc/conferences/
EkoParty Conference http://www.ekoparty.com.ar/
No Con Name http://www.noconname.org/
KiwiCon http://www.kiwicon.org/
VNSecon http://conf.vnsecurity.net
EC2nd Conference http://www.ec2nd.org/
IMF Conference http://www.imf-conference.org/
BugCon http://www.bugcon.org/
Cyber Warfare http://www.ccdcoe.org
POC Conference http://www.powerofcommunity.net/
QuahogCon http://quahogcon.org/
NotaCon http://www.notacon.org
PhreakNic http://www.phreaknic.info
PlumberCon http://plumbercon.org/
Internet Security Operations and Intelligence http://isotf.org/isoi7.html

Certified Reverse Engineering Analyst Certified


This week I got the CREA certification to add to my list of CISSP, CEPT, Visa QSA. This certification required a good practical and conceptual knowledge of reverse engineering. The certification requires a good working knowledge of components such as IA-32 assembly language, malware reversing, expert level knowledge of IDA Pro, OllyDbg, HiEW, Dumpbin etc., PE File header, repairing packed and compacted binaries, using system level reversing etc. The exam was good and tested on the concepts of the reverse engineer.


Installing Firewalk on KUbuntu


Installing Firewalk turned out to be more complicated than I thought it would be. There were some compilation issues and some library errors.
The chief amongst them was:

checking for arp_get in -ldnet... no
configure: error: No libdnet? http://libdnet.sourceforge.net.

I did install libdnet using aptitude but it did not do the trick. Thereafer, searching a few forums got me this information. The “Libdnet” that Firewalk looks for is libdumbnet1 in the ubuntu language.
So I got the Debian packages from the following links:
I continued to get that error and no wonder because there was nothing in /usr/lib.
So I executed the following commands :

$ cd /usr/lib
$ sudo ln -s libdumbnet.so libdnet.so
$ cd /usr/include
$ sudo ln -s dumbnet.h dnet.h

Then there was a compilation error:

firewalk.c: In function ‘firewalk’:
firewalk.c:193: error: label at end of compound statement
make[1]: *** [firewalk.o] Error 1
make[1]: Leaving directory `/home/trance/Desktop/Firewalk/src'
make: *** [all-recursive] Error 1

So then opening the firewalk.c file in vim (and following up on line 193) showed that the “break;” statement was missing after default: switch statement.
So then I added the the following characters (without quotes) “break;” at a line above the comment as shown below:

/* empty */

$ ./configure
$ make
$ sudo make install
$ sudo cp man/firewalk.8 /usr/local/man/man8

Now firewalk was installed and ready to use!


Spike Fuzzer linker errors


I decided to play around with Spike fuzzer and encountered some weird errors during installation. I was using gcc 4.1.2.

gcc -ggdb -o generic_listen_tcp generic_listen_tcp.o dlrpc.o 
dlargs.o spike.o listener.o hdebug.o tcpstuff.o
spike_dcerpc.o base64.o udpstuff.o spike_oncrpc.o -ldl -L. -ldlrpc
/usr/bin/ld: generic_listen_tcp: hidden symbol `__stack_chk_fail_local' in
/usr/lib/libc_nonshared.a(stack_chk_fail_local.oS) is referenced by DSO
/usr/bin/ld: final link failed: Nonrepresentable section on output
collect2: ld returned 1 exit status
make: *** [generic_listen_tcp] Error 1

If you are also getting the same error, I would recommend that you do the following

SPIKE/SPIKE/src$ ./configure

Now open the Makefile in your favorite editor and edit the CFLAGS line to include the following option:


This is how my CFLAGS line looks like in the Makefile:

CFLAGS = -Wall -funsigned-char -c -fPIC -ggdb -fno-stack-protector

This should make it build fine (I do get a few warnings but that’s cool…it still does not result in a no-build.


Dell XPS M1210 Memory Upgrade


I recently purchased 2x2GB Memory upgrades for my fantastic Dell XPS M1210. To upgrade the memory there were 2 slots one located at the base of the laptop (the black bottom) and the other was located below the keypad. I searched a lot on the Internet but could not find the location of the 2nd slot.
The owner’s manual also did not mention the location of the DIMM B slot (the 2nd memory slot). See the details on the manual about how to remove the keyboard to reach the 2nd memory slot.
The key to reach the 2nd slot is to first remove the hinge cover (the cover that has three button saying Power, “Media Direct”, etc.). The hinge cover is not screwed so you can just lever it up using a thin, flat object and pop-it up, remove the three screws fixing the keyboad, pulling the keyboad out and right in the middle you will see the memory slot.
Hopefully, this post will help someone upgrading memory on their Dell XPS M1210.


Cell SDK on PS3 with Yellow dog linux 5.0


People tend to think that gone are the days when the “RPM Hell” used to exist. We have yum, aptitude and what not! If you install linux on a PS3, I’d like to bring you back to reality, especially like me when you have yellowdog 5.0 installed on a first gen PS3.
What is interesting is that all these package managers rely on repositories in /etc/yum.repos.d/*.
If you do not have the good repositories then you can kiss goodbye to installing the Cell Broadband Engine SDK provided by IBM. This SDK has the spu-gcc, spu-g++ which is the right set of compilers if you want to use the 1 master processor (Power Processor Element – PPE) and the other six SPE (Synergistic Processor Elements – SPEs) …think of these as slaves. You might wonder where’s the 7th of the cell processor, well, you cannot access it because it is used internally by the PS3 for virtualization.
So I got a yellow dog 5.0 iso image from here. I followed the instructions for installing it from here. I did this almost a year ago! Yes…I did actually keep it dead for a while! Then I installed gcc and compiled John the ripper! To my utter disappointment, there was no performance benefit!
Then Marc Bevand told me at Toorcon X that I needed spu-gcc to compile JTR on PS3 to get the benefits. So I got the cell sdk ISO from here. I then mounted the ISO.
mount -o loop cellsdk11.iso /mnt/disk
cd /mnt/disk
cd software
./cellsdk install
I got bunch of errors. It wanted me to install freeglut-devel and tk-8.4.*.
Thus began my journey of 10,000 steps to get the dependencies resolved and I burnt my fingers, keyboard, brains, etc….and although I realized that everyone in the US and the world had found hope…things were not looking bright for me! Until I bumped into this fantastic repository here. Trust me it took me about 8 hours of incessant installing and compiling (almost 120 odd different files) and scores of google searches to land me into this. I installed the glut, libx11, tk, tcl, libtcl, glut-devel, libstdc++, libstdc-so7, and many other packages that I cannot even recall now to get the cellsdk to work! And even though I did, I still couldnt get ./cellsdk install to work! After about 8 hours of effort and being so close to success just seemed evil. Then I realized that all the packages needed were related to the PPC64 simulator (libx11.ppc64, libtcl.ppc.64, etc.)…a quick look into the readme told me that I could neglect that using the –nosim directive to make it work.
./cellsdk install –nosim
A small step for mankind but a giant step for me!


Using Certificates with cURL


The problem: Using Digital Certificates issued by a Certification Authority (CA) with curl.

The situation: I have a .cer (Digital Certificate) file, .pfx (Personal Information Exchange file i.e., the private key for the certificate). I cannot use either of these to authenticate to the web service as curl would not accept these formats.

The solution:
1) Convert it into PEM format (X.509 certificate) using openssl.
openssl pkcs12 -in abcd.pfx -out abcd.pem
Enter a passphrase and a password.
2) Still you cannot use this with curl because you’d get a few errors.
3) Convert this PEM certificate into three different certificates for the client, the private key and the certification authority certificate.
openssl pkcs12 -in abcd.pfx -out ca.pem -cacerts -nokeys
openssl pkcs12 -in abcd.pfx -out client.pem -clcerts -nokeys
openssl pkcs12 -in abcd.pfx -out key.pem -nocerts
4) Use the following command:
curl -k https://www.thesitetoauthenticate.com/test -v –key key.pem –cacert ca.pem –cert client.pem:

This stuff is also mentioned on curl forum at http://curl.haxx.se/mail/archive-2005-09/0138.html