Industry Trends 2016 Wrap-Up

By Axelle Apvrille | October 25, 2016

This year I again attended Hack.Lu 2016. Whether it’s free workshops, CTF, or lightning or regular talks, there are many ways to learn new stuff. Not to mention the kind and informal atmosphere of the conference. Let me give you an example that perfectly illustrates the atmosphere: during lunch I started talking Bluetooth Low Energy with a fellow researcher (@virtualabs), and...we ended up tearing down his connected toothbrush!

Figure 1. Toothbrush teardown

I told him about my findings (demoed at VB 2016) about remote controlling a toothbrush over BLE, and he shared his new MITM framework for BLE. No doubt, his tool can be used to MITM the smartphone, and easily replay BLE packets to control the toothbrush. In fact, he actually demonstrated his tool during a talk at the conference, and showed he was able to recover clear text passwords for connected locks, or replay/modify sound packets for a connected robot!

Figure 2. @virtualabs in action

Workshops are another great part of Hack.Lu. You don't often have free workshops (actually, they are closer to short trainings) at conferences, and I decided to attend a ROP gadget workshop. Like many of you, I know the theory (i.e. gathering bits of existing code and reusing them for your own needs), but the practice is different: Which address are you going to overwrite? Which gadget are you going to use? What if there isn't exactly the right gadget you are looking for,? And on and on. While attending the workshop I practiced a little with gdb add-ons such as gef or peda, learned to list available gadgets with ROPGadget, and also found out that playing with gadgets is very much like playing with lego blocks: you never quite have the brick you want, but you can workaround the issue and still manage to create the thing you wanted.

Of course, I should also mention I gave my own workshop on Android malware reverse engineering. I believe the attendees enjoyed it, and the (large) room was close to being full. If you missed it, you might be interested to download my docker image, which contains most of the free tools for Android RE.

-- the Crypto Girl