This talk covers the history and ethos of hackercons in Australia with some tips and advice on how to get the most out of the conference.
This talk will go over the ways a hacker conducts reconnaissance against an organisation to select targets best suited for a DoS attack. Following that, we will provide methods for defending your organisation and web applications.
DoS attacks are a topic at the front of a lot of people's minds at the moment. This talk will examine how a hacker selects targets within an organisation with a goal of causing the greatest business disruption.
Attackers can find juicy targets in more ways than you would initially think. A range of discovery techniques will be presented. People watching this talk will not be left hanging, as it will finish with how you can protect your assets from DoS attacks (spoiler: a CDN, WAF or DoS scrubbing are not magical cures on their own).
A black bag is a physical security competition where teams of participants attempt to capture intelligence (flags) from a physical environment without being detected.
Registration can be done here: https://blackbag.redacted.au/
This panel will feature top security executives who will share insights into their roles and discuss the current cybersecurity landscape.
Bored with tcpdump? IDA got you down? Forget your neglected VMs, come hack hardware! Bring your RTL-SDR dongles, buspirates, and '80s phone phreaking kit - let's hack together!
Soldering irons will be available for all you tech wizards. You can use them to make badge modifications or for any other hardware hacks you have in mind. Need help with your conference badge? We've got your back! Our experts will be there to assist you.
Radios are everywhere, and RF technology is applied in places you might not even have thought of. This usage is only going to grow, so come learn how it all works. Discover what you can transmit and receive, as well as the legalities you need to keep in mind before blasting the entire CBD with RF interference (hint: don't).
The Hardware and Wireless Village is not just about learning; it's also about putting your skills to the test! Get your game faces on because the Wireless CTF (Capture The Flag) will be hosted right here. Challenge your wireless hacking prowess and compete with fellow hackers to claim the ultimate glory!
The Hardware and Wireless Village is the perfect space for you to learn and experiment with a variety of RF devices and technologies. And guess what? We've got scheduled talks lined up too! Get ready to be amazed by live demos featuring the legendary Flipper Zero, a variety of SDRs, and other captivating radio equipment.
So, hackers and radioheads, mark your calendars for the Hardware and Wireless Village - the ultimate haven for tech-savvy explorers. Prepare to be amazed, educated, and inspired like never before! Let's hack, solder, and radiate our way to a tech-filled adventure together!
A Capture-The-Flag (CTF) competition is a fun way to get started in the cyber security field, learn new skills and challenge yourself. However, it can be daunting, especially if you've never played before.
This session will be an introduction to CTFs, including how to get set up, what tools you may like to use, and how you can go about solving challenges! It will walk through the different challenge categories and may even walk through the solutions to some of the entry level challenges from previous years.
The target audience for this presentation is beginners in the industry, and those that have never played a CTF before, or would like to learn more about the game. It will be repeated twice across Thursday and will be a great introduction to the BSides Canberra CTF running Friday and Saturday 🤓
Get ready to immerse yourself in the captivating world of locksport. Our doors swing open each day from 10 am to 5 pm, welcoming all curious souls. Locks, tools, and seasoned instructors are at your disposal, so why not seize this golden opportunity to learn a trick or two from the experts?
The Locksport Village is not just a fancy display; it's a hands-on experience zone for all things related to physical security. Step into the world of lock vulnerabilities and the techniques used to exploit them. Want to put your newfound knowledge to the test? Practice on locks of varying difficulty levels and see if you have the skills to outwit the toughest tumblers!
Whether you're a complete beginner or an experienced lockpicker, our village is the place to be. Learn the secrets of lock mechanisms, understand their weaknesses, and hone your skills like a true lockmaster. Who knows, you might just uncover a hidden talent that could rival the best spies out there!
Industry professionals will break down specialised areas of security, such as red teaming, penetration testing, and incident response, sharing the necessary skills, daily tasks, and advice on how to break into these fields.
Radios are everywhere, and RF technology is applied in places that you might not even have thought of, and this usage is only going to grow. Come learn how basic Radio technology works, what you can transmit and receive, as well as the legalities you need to keep in mind before blasting the entire CBD with RF interference (hint: don't).
The RF village is a space to allow participants the opportunity to learn and experiment with a variety of RF devices and technologies. As a bonus, we may even inspire your next revolutionary project idea! We'll be doing a few live demos with the Flipper Zero, a variety of SDRs, as well as other radio equipment.
Disclaimer: no responsibility taken if this workshop also inspires your next eBay spending spree.
Panel Discussion with Adam Foster
Ever wanted to design a PCB but unsure where to begin? This workshop will be a guided tour through designing a badge add-on in KiCad, concluding in assembly of the add-on which you can proudly attach to your conference badge to show off your newly acquired skills. Please bring a laptop with KiCad installed and a mouse to get the most out of the workshop.
Learn how to build basic malware in C# and how to bypass modern AV and EDR products.
With the increased use of smart office technology there are more avenues to leverage software vulnerabilities to remotely control access to carparks, buildings, rooms, lockers, etc. In this talk we will explore a few solutions and some of the issues with these solutions and how they can be (ab)used.
Participants will learn how to create effective resumes and improve their chances of landing their desired roles.
Attendees will have the opportunity to network with hiring managers seeking to expand their teams.
Careers Panel
A cyberattack is about data and integrity, not only network security, as breaches also affect an enterprise’s values, reputation and brand. Cognitive hacking using dis-mis-mal-information is a cyberattack aimed at manipulating perception and exploiting psychological vulnerabilities to change behaviour. This makes online influence campaigns across social media, the internet and networking infrastructure a cyber problem, and solutions part of the cyber environment. We know disinformation can amplify social tensions and unsettle communities, but to what degree can it be intentionally weaponised on a population without its knowledge? The extent of online disinformation damage remains unclear and mostly assumed, not proven, because it is difficult to link specific measurable indicators. Social media platforms are commercial businesses balancing financial incentives with at least the appearance of social responsibility, and as Big Tech ramps up censorship, purging dissenting voices, questions continue as to whether this will fix the problem.
In the early ages of machine learning we've seen memes, misinformation and music videos. In this talk we look at the concepts of identity - specifically document verification and biometrics commonly used in sectors such as fintech, medical and other major sectors for online verification of identity. We tested (with permission) 4 major vendors in this space and highlight weak spots in both the technology and the concept of identity, and call upon the machine uprising to use their own powers against them. Live demos, fun and cause for concern.
Difficult to detect and pervasive in nature, cloud attack techniques attract the likes of APT groups like Nobelium who have increased their focus on abusing identity federation. Techniques like Golden SAML and AD FS skeleton keys provide threat actors the double-edged sword of combining both lateral movement and privilege escalation into a single technique – with the added benefit of leaving little trace in the cloud logs for defenders.
For a long time, compromise and detection have focused primarily on on-premises techniques, but the ecosystem has shifted, and the cloud is the new frontier. As most organizations utilise cloud services in one way or another – it’s only a matter of time before we see commodity threat groups and other nation states abusing these techniques. This talk aims to break down APT techniques in the cloud like Golden SAML and AD FS skeleton keys to demonstrate the wide range of possibilities of cloud compromise, and to highlight the future of cloud attacks and the untapped research potential yet to be uncovered.
What is Application Security with Louis Nyffenegger
A session providing an update on what the cyber security industry in Australia looks like in terms of jobs in the market and trends in the industry. I have been tracking this data for over nearly two years.
Point of sale devices are found in many retail outlets and handle sensitive financial, sometimes personal, information. They're easy to use and easy to reach. It literally pays to wonder, how are they protected? Sometimes there are locks to keep out curious customers, and many devices employ proprietary communications protocols as a barrier against less sophisticated signal sniffing attacks. I recently had the opportunity to conduct security assessments on a couple of such devices. In this talk, I'll explain what hardware hacking techniques I used to perform a black-box analysis of these devices. I'd expect any bad actor to do the same.
Supply chain attacks are bad. Supply chain attacks conducted by North Korea are worse.
This presentation provides a “view from the trenches” of how to confidently detect, analyse, and attribute activity conducted by the Democratic People’s Republic of Korea (DPRK) adversary LABYRINTH CHOLLIMA. Incorrectly assumed (by some) to be a “less sophisticated” adversary, this presentation will demonstrate their tradecraft improvements through multiple technical case studies, including the detection and analysis of a recent software supply chain attack.
For delegates identifying as women, please join us for a cocktail event on Level 1 in the Ballroom Foyer.
When Exploits Aren't Binary
The Cybears will return to run the BSidesCBR 2023 Capture-The-Flag competition! A CTF is a competition where teams use their knowledge of computer and network security to solve challenges in a Jeopardy format. The challenges may cover topics such as web exploitation, binary exploitation, cryptography, reverse engineering and will include challenges for people just getting started in the industry as well as seasoned CTF players.
Registration will open after the keynote and winners will be announced during the closing ceremony.
https://ctf.cybears.io
Do you want to try out your incident response skills for a day? Want to know what it is like to perform technical analysis when the pressure is on? Come and try the Australian Cyber Security Centre’s incident response game – HuntIR. HuntIR is an incident response game developed by the Digital Forensics Incident Response team that focuses on the analysis of technical artefacts to answer key investigation questions. Each player is given 24 hours to perform technical analysis on their own unique incident that includes various logs including process listings, autoruns, IIS access logs and more. Stay in regular contact with your victim organisation by answering their questions about the compromise as you work through to fully understand the compromise. Your victim org is counting on you!
This is a day I've been looking forward to for 15 years. Every once in a while a revolutionary conference badge comes along that changes everything. And BSides Canberra has been fortunate to deliver a few of these into the world. In this talk I will be introducing 3 new products in this class - a colour screen badge with touch controls, a revolutionary hardware learning device and the 3rd is a breakthrough hacking and CTF challenge.
For those new to hardware design, this talk will walk you through the details of electrical schematics, PCB layout and embedded software development. Follow this hardware fanboy through the trials and tribulations of making a conference badge. You will leave with the starting knowledge to develop your own circuit boards and begin your journey to becoming a hardware genius.
The Scudo allocator is a memory allocator designed primarily for C/C++. Designed as part of the LLVM project, it has gained popularity as an alternative choice to allocators like ptmalloc2, most prominently being used as Android's default allocator since Android 11. Scudo aims to provide efficient memory allocation and deallocation whilst mitigating common vulnerabilities such as heap buffer overflows, use-after-frees, and double frees. As the risk associated with these vulnerabilities continues to rise, scudo is primed to become more and more of a prominent choice for developers to use.
This talk will cover a high-level overview of the current, as well as completely new, exploitation techniques related to the scudo allocator. We will run through the inner workings of the allocator, looking at security-based design choices such as quarantine regions, randomized allocation, red-zone regions, and hardened headers. Then, we'll review the existing research for exploiting the allocator, before demonstrating completely new techniques that expand what scenarios are possible to exploit. Attendees will gain a proper understanding of the motivations behind scudo's design choices, and the go-to techniques for exploiting the allocator.
Cryptographic libraries such as OpenSSL and GNU Nettle form the backbone of security in the current day. Proving authenticity online, establishing secure communication channels, etc. all depend on complex mathematical structures, including algebraic groups on Elliptic Curves.
But what is an Elliptic Curve? This talk will discuss the underlying arithmetic used in ECC, why it might be unwise to roll your own crypto (even if you understand the maths), and how to perform finite field arithmetic that is both fast and secure.
Come along if you have an interest in the mathematics of cryptography and better understanding how it is implemented.
With an ever increasing number of developers using .NET based game engines, game modders have developed sophisticated tools which can interact with the .NET Common Language Runtime to modify game mechanics, add features and fundamentally modify how games operate at runtime.
But what's stopping us from using these tools to mess with other .NET based applications? Say...an IIS web server running Microsoft Exchange?
Absolutely Nothing!
Join me as I deploy Harmony, a popular .NET method hooking library, onto a Microsoft IIS server in order to access (and tamper with) method parameters, return values and functionality.
I'll demonstrate several methods to load Harmony into IIS before looking at the level of control Harmony gives us over various interesting methods regular web applications utilise.
Next I'll explore some defensive uses for method hooking including logging method parameters sent to commonly abused functions, preventing method calls, and messing with adversaries by tampering with outputs.
I'll also cover some offensive uses for method hooking such as password logging and persistence.
Since its debut in 2017, Get-InjectedThread.ps1 has been a blue team staple for identifying suspicious threads via their start addresses. However, red teams have subsequently identified low-cost evasion techniques to counteract this - obfuscating their shellcode threads with start addresses within legitimate modules.
This talk will outline the memory artifacts that each evasion leaves behind and the development of an updated script which may be used to detect them.
The Linux kernel is everywhere. It's running on billions of devices here on Earth, and quite a few in space, too. Linux is big and complex: it does a lot of stuff, it runs on a lot of things, it's deployed in a lot of ways, and it has many distributions with many versions, each with their own modifications.
Linux is the dream target for attackers. It's everywhere. If there's low-hanging fruit in the kernel, your system is compromised.
Thankfully, the kernel has come a very long way in terms of defending itself against attacks. From the early days of accidental security features intended as debugging aids to modern fuzzers, sanitisers and hardware-assisted memory protections, Linux is a much tougher target than it used to be.
In this session, we'll recount the journey of an operating system and its community as they fail, learn and grow together. We'll explore the details of how many of the kernel's key hardening features work and how they came to be, the key moments in history that led to big changes in the community, and take a look at the state of Linux security in the modern era.
As the use of AI in cybersecurity continues to grow, many researchers have looked to large language models (LLMs) to help identify vulnerabilities in code. However, recent studies have shown that LLMs may not be as effective as initially thought, and can even introduce new vulnerabilities into code. This talk will explore the potential risks and challenges associated with using LLMs for vulnerability detection, including the potential for introducing new vulnerabilities into code.
One example of this is the recent introduction of GitHub Copilot, an AI-powered tool that generates code based on natural language prompts. While Copilot has been hailed as a revolutionary tool for developers, it has also been found to produce code with vulnerabilities, highlighting the potential risks associated with using LLMs for vulnerability detection.
In this presentation, we will showcase instances of AI-generated vulnerabilities, despite the incorporation of Copilot's “AI-based real time vulnerability filtering system”. However, we will also delve into the ways in which AI prompt engineering can be tailored to address this problem and emphasize the significance of secure coding practices. We will also discuss the importance of carefully validating the output of LLMs and conducting manual code reviews to ensure that any vulnerabilities introduced by LLMs are identified and addressed.
Additionally, we will review recent research in the area of AI-based vulnerability detection. By the end of this talk, attendees will have a better understanding of the benefits and limitations of AI-based vulnerability detection as well as code generation and will be able to make informed decisions about when and how to incorporate these tools into their own security review and software development practices.
The BSides Canberra Official Party is back for 2023. It will be a foodie's heaven with food to purchase and a sizeable bar tab. Join us to celebrate on Friday night. More details on the location will be given at the conference.
Join Louis, who has spent a decade guiding others through PentesterLab, as he helps us delve into the journey from beginner to mastery. This talk will outline this exhilarating journey, providing practical advice on how to seamlessly transition from one learning stage to the next. We will also tackle the common challenges and setbacks most individuals encounter on this learning path.
Transforming from a beginner to a professional requires a significant shift in mindset - a key idea that Louis will emphasize throughout this talk. He'll also draw intriguing parallels between the process of learning technical security and other disciplines.
Don't miss this enlightening session, as we embark on a journey to explore the thrilling, yet demanding path to mastery.
The changing way our operational technology environments are connected and operated exposes our critical infrastructure to more cyber security threats than ever before. This presentation will discuss the Rack for Substation Protection, a new physical system recently purchased to enable research and training of protection relays, a critical component of electrical substations.
Escaping from both computer and piano keyboards, the singers of AFK are here to entertain with music inspired by classics of geek culture including Star Wars, Star Trek, zombies, computer games, and Lord of the Rings, along with the ought-to-be-classics by Jonathan Coulton and Miracle of Sound.
Performances may involve lively pop songs, implausibly lively zombie songs, operatic masterpieces performed as bat'leth duels to the death, network protocol error messages, tim tams, love songs about ex-planets, and the occasional Beatles number because reasons.
Hyper-V has long been considered a prestige target for security researchers, with Microsoft offering high value bug bounties, and performing continuous in-house testing and attack-surface hardening. In this presentation I’ll show how I turned the discovery of a seemingly unreproducible bug into a critical-rated arbitrary code execution vulnerability, which was awarded MSRC’s maximum bounty.
The talk will begin with a very brief introduction to virtualization and Hyper-V, before launching into an in-depth examination of the low-level VMBus protocol which underpins guest-host communication. We will cover the mechanisms VMBus uses for signaling, shared memory, and callback messages, and the different types of devices it supports. Finally, I will trace the flow of a VMBus message from a guest VM all the way through to a host device driver in order to demonstrate the attack surface exposed by VMBus.
To finish this presentation I will dive into the details of a bug I discovered in early 2023 in a core VMBus host driver. In the journey to create a reliable proof-of-concept I will explain how to modify the Linux kernel’s Hyper-V guest drivers to craft our own custom VMBus packets, discuss a novel method of manipulating the Windows kernel’s LookasideList cache implementation from inside a guest VM, and finally, demonstrate how I won an incredibly precise race between host kernel threads to trigger the vulnerability.
David will present some new IoT malware he discovered, by accident, on a wifi photo frame purchased at a physical store right here in Canberra. He will describe the tools and techniques used to locate and extract the malware from its hiding place deep in the firmware of the device.
The Linux kernel has long been an attractive target for attackers aiming to compromise systems. As a result, the kernel community is constantly responding by introducing security mitigations and locking down attack surfaces. Linux distributions will often weigh up enabling these features against the impact on usability and performance of the operating system, resulting in a fragmented approach to adoption of upstream Linux kernel security features. This talk will discuss a range of recently introduced security features in the kernel, which attempt to complicate the exploit development process, and provide an overview of the state of adoption in major distributions.
The Tastic RFID Thief was first presented by Francis Brown from Bishop Fox at Defcon back in 2013. Since then, long-range RFID readers have been used by many red teamers to successfully capture employee access card credentials. 10 years later, this tool still plays a crucial part in many engagements where insecure RFID cards are used. However, there have been few improvements to the tool despite the advances in cheap microcontrollers and battery technology. It’s time to give this tool a breath of fresh air and make it Fan-Tastic.
Join us at the closing ceremony, where we will announce the winners of the competitions and reflect on the valuable moments from this remarkable conference. It's a great opportunity to appreciate the connections and networking that have blossomed during these inspiring days. We extend our heartfelt gratitude to our supporters, speakers, sponsors, and volunteers for their invaluable contributions. We look forward to seeing you there as we bid a fond farewell and embrace the exciting journey ahead!