skip to main content

DEF CON Hacking Conference

Home

The Latest

DC813 is holding a CTF!

DCG 813 image

DC813 is holding a CTF competition in January. If you're Tampa-adjacent, this could be a really fun way to get into CTF or level up your blossoming skills.

From the DEF CON Forums:
We will be holding a beginners/intermediate CTF game which has a $10 seating charge for purposes of raising money for DC813. Cash payment at the door. There will be a grand prize given to the first competitor to get the flag (root). This is a boot to root challenge. Seating is limited. NOTE: This CTF does not include multiple attack nodes; this game is designed for beginners and those that wish to sharpen their CTF skills. An OVA file containing the game within a VM will be provided, upon payment, the day of the competition. All monies received will go towards the DC813 Meetup expenses.

DEF CON 24 Black Badge Hall of Fame Update!

DEF CON 24 Black Badge image

In the ever-expanding universe of DEF CON competitions, there are many winners. We salute them all. Some of these victories are so impressive that we recognize them with an extra awesome badge and free DEF CON entry for life. This badge is the Black Badge, and we list the winners on the Black Badge Hall of Fame.

We've updated the Black Badge Hall of Fame to include winners from DEF CON 24. You should check it out.

If you have questions or updates, hit us up at info at def con dot org.

DEF CON Groups Spotlight: DC801 Badge Coding Environment talk

DCG 801 Badge Coding Video image

Video from #defcongroup DC801's badge coding environment presentation a few nights ago. Learn a little something about the making of the 801 badge and pass it on. Also, get a look into the kind of cool stuff that happens at DEF CON Groups, and seriously consider joining your local chapter so that cool stuff can start happening to you.

If there isn't a DC Group where you are, consider starting one. All the details you need are at defcongroups.org.

DEF CON 24 Early Release: I Fight for the Users: Attacks Against Top Consumer Products

DEF CON 24 Liu talk image

To help you get over that midweek hump, we offer another early release video from DEF CON 24 - 'I Fight for the Users: Attacks Against Top Consumer Products '. In this video, @zfasel and @secbarbie walk you through attacks on 21 popular IoT devices - so you get something more than just proof that one or another connected toaster is ready to pwn. You get to see how how whole product categories are ready to pwn.

There's even tools, in case you want to test the security of some of your own 'smart' devices. Good stuff, delivered with an eye for the lulz.

Please enjoy and then pass it on.

DEF CON 24 Early Release: Can You Trust Autonomous Vehicles?

DEF CON 24 Liu talk image

We've got another early release video from DEF CON 24! It 's called 'Can You Trust Autonomous Vehicles?', and in it Jianhao Liu and Chen Yan discuss jamming and spoofing attacks on the sensors of cars like the Tesla Model S. It's definitely a sobering look at the downside of the Jetsons-style tech we're developing and a good reminder of the place security thinking needs to take at the design table.

As always, enjoy and pass it on.

DEF CON 24 CTF Final Scores Posted!

DEF CON 24 CTF image

The scores for this year's DEF CON 24 CTF have been posted! The model citizens of the Legitimate Business Syndicate have finalized and shared the ultimate scores of this year's historic and hotly contested contest.

But wait - there's more! LBS also suggests strongly you keep your eyes on their site (and ours, natch) for more goodies on the near horizon: pcaps, source code, a full SQL dump among other data for your leisurely examination.

The Latest

DEF CON 24 Press!

DEF CON 24 MouseJack talk image

DEF CON got a lot of ink this year - among the happenings were the DARPA CGC, tons of IoT news and what is probably the most bonkers uber badge in the history of uber badges. If you want to comb through the press coverage, we’ve assembled a bunch of it on the DEF CON Press Archive for your convenience. If you see articles that we missed, feel free to drop us a link in the comments and we’ll update.

Early Release Video: MouseJack!

DEF CON 24 MouseJack talk image

For your weekend, another #defconflashbackfriday early release talk from DEF CON 24 - this time Marc Newlin on the hijacking of wireless mice for nefarious purposes. He calls it 'MouseJack'.

As always, enjoy and share widely.

Early Release Video: Mr. Robot Panel at DEF CON 24!

DEF CON 24 Mr. Robot Panel image

For your midweek edification, we offer another early release video from DEF CON 24 - this one is the Mr. Robot panel! It's a lively discussion of the show and its inspirations with Mr. Robot's technical advisor Kor Adana, The Dark Tangent, Marc Rogers, Andre McGregor and Ryan Kazanciyan with journalist/author Kim Zetter moderating. If you watch the show, you'll definitely learn some new tidbits to increase your appreciation. If you don’t, the panel will show you what it takes to keep a hacker show realistic and exciting.

DEF CON Flashback Friday: Early Release from DEF CON 24!

DEF CON 24 weston hecker image

Returning to the tradition of #defconflashbackfriday, we offer a presentation from all the way back in 2016 - Weston Hecker's 'Hacking Hotel Keys and Point of Sales Systems : Attacking Systems Using Magnetic Secure Transmission' from DEF CON 24.

We probably can't summarize the talk better than the title does, but if you need a little more incentive here's the abstract:

"Take a look at weaknesses in Point of sale systems and the foundation of hotel key data and the Property management systems that manage the keys. Using a modified MST injection method Weston will demonstrate several attacks on POS and Hotel keys including brute forcing other guest’s keys from your card information as a start point. And methods of injecting keystrokes into POS systems just as if you had a keyboard plugged into the system. This includes injecting keystrokes to open cash drawer and abusing Magstripe based rewards programs that are used a variety of environments from retail down to rewards programs in Slot Machines."

As always, watch, learn and share widely.

DEF CON 24 Contest Results are Live!

DEF CON 24 Contest Results image

If the presentation tracks are the brain of DEF CON, then the contests are its heart. It's a kind of alchemy: we bring together thousands of interesting strangers fascinated with various aspects of technology, and we want them to leave a few days later with new friends, new skills and new obsessions. Our solution? Just add a rich, world-class layer of competitions run by an army of talented, insanely dedicated volunteers.

This formula has worked pretty well, and we thank all of you players for supporting the games and keeping the comp high-level and good-natured. It is our sincere hope that you're getting something valuable from getting into the DEF CON arena in the battle of your choice.

Still, the contests are as tough as they are fun, and the field is full of wildly brilliant humans. Every winner listed here has earned their prizes and bragging rights. We congratulate them all and hope to see all of you back in the ring for DC25.

Photo Corps Pictures and Tons More from DEF CON 24!

DEF CON 24 pictures image

The newest treats on the DEF CON media server are pictures from DC24. Like metric oodles of pictures, taken with skill and respect by our Photo Corps and a few other friends of the con like the SE Village. We offer them to all of you as a memento and record of the event, and a chance to see the bits you didn't get around to.

Like everything we release, these photos are CC licensed for you to enjoy, share and remix so long as you clearly attribute them to DEF CON.

If you have pics you'd like to share, let us know at info ]at[ defcon [dot] org and we'll look into adding them to the collection.

Write-ups from DEF CON 24!

DEF CON 24 writeups image

When the dust settles after a DEF CON, it's time to collect the write-ups from the various contests and challenges. There's nothing more educational and humbling than analyzing successful strategies from the player's point of view.  Please enjoy our DC24 Writeup Sampler Vol. 1, and if you see some we missed, please drop us the links for inclusion in a future volume.

Badge Contest Writeup from the winners, Council of Nine

Badge Contest Writeup from degeneratemetric

OpenCTF Writeup from @p4p1lio

CGC Writeup from DARPA

CTF Writeup from Zachary Wade of winning team Plaid Parliament of Pwning

DEF CON Link Roundup: IoT edition

DEF CON link roundup image

As part of our annual process of compiling press accounts of DEF CON, we offer some link roundups sorted by topic. First up, DEF CON Link Roundup: IoT edition.

This was a big year in the Internet of Things, and the whole industry is only just getting off the ground. At DEF CON 24 we saw the first ransomware delivered via thermostat, among many other causes for interest and concern.

As always, if you find cool coverage of DC24 topics out there, please feel free to drop some links in the comments.

https://motherboard.vice.com/read/internet-of-things-ransomware-smart-thermostat

http://www.bbc.com/news/technology-36995288

http://www.internetnews.com/blog/skerner/defcon-btlejuice-mitm-hacks-bluetooth-and-belittles-bluetooth-padlock-security.html

http://www.theregister.co.uk/2016/08/08/using_a_smart_bluetooth_lock_to_protect_your_valuables_youre_an_idiot/

http://www.theverge.com/circuitbreaker/2016/8/9/12414014/smart-lock-security-flaws-internet-of-things

http://mashable.com/2016/08/10/even-vibrators-get-hacked/#AVsvxH60pkq8

DEF CON 25 Will Be At Caesar's Palace!

DEF CON 24 soundtrack cover image

DEF CON 25 is going to be kind of a big deal.

First, we’re celebrating 25 years of bringing hackers together for knowledge transfer and hackish shenanigans in the swelter of late-summer Las Vegas. Even after a full quarter-century of hacker summer camp, our family is still growing fast, and we’re still finding new cool ways to get people involved and connected.

Second, we’re switching venues again, this time to the larger, swankier environs of Caesar’s Palace. We’ll have bit more space and a lot more flexibility in how that space is distributed.  Hopefully that means there will be easier traffic management and shorter lines for everyone.

DEF CON 25 will be held at Caesar’s Palace July 27-30, 2017. You can get yourself the DEF CON block rate right now at Caesar’s or the other participating hotels (Bally’s. Paris, Flamingo, Harrahs,and Linq) by following our reservation link at https://resweb.passkey.com/go/SCDEF7

We have a lot of ideas for celebrating our Silver Anniversary with you, and we hope you have some too.

Can’t wait to see all of you again at Caesars in July.

The DEF CON 24 Soundtrack on Gravitas Recordings!

DEF CON 24 soundtrack cover image

Heads up hackers! For those who attended, we hope you enjoyed this year's soundtrack. Many thanks to our headliners like Dirtyphonics, Information Society, and Richard Cheese for pitching in.

Most of all, a big thank you to Gravitas Recordings for helping to facilitate, curate, and help out with the online distribution of the soundtrack. If you missed the conference, you can find it at http://music.gravitasrecordings.com/album/def-con-24-the-official-soundtrack. Best of all, it's free or pay-what-you-want, with all revenue going to support the Electronic Frontier Foundation.

Look out for some major jams for DEF CON 25!

The DEF CON 24 Black Badge!

DEF CON 24 black badge image DEF CON 24 black badge image

We know what you're wondering. Who is that handsome fellow?

That striking visage belongs to this year's Uber Badge. In addition to his chiseled good looks, he sports some spiffy secret code and one particularly hyper-functional eyeball. They're each handmade, and need to be individually adjusted due to servo differences. If you're one of the lucky few who are taking one of these home, congratulations! If not, you should get here next year and get your hat in the ring. Who knows what next year's badge will be?

You can observe it in action at: https://www.youtube.com/watch?v=t8mLCnhMSqA

Cyber Grand Challenge Highlights from DEF CON 24!

DEF CON 24 CGC logo image

The DARPA Cyber Grand Challenge is complete, and the mighty Mayhem from ForAllSecure has been crowned Champion and ruler of all it surveys.

If you're still wondering what's such a big deal about computers hacking each other, or if you just want a quick primer on how amazing the contest was, DARPA has dropped a highlight reel to catch you all the way up.

Sometimes you can't see how important something in in its moment, even if it seems kind of important. This is probably one of those times.

Conference and Music CD torrents from DEF CON 24!

DEF CON 24 CD Torrents image

CD player in the shop? Too young to know what a CD even is? The DEF CON 24 conference CD and the DEF CON 24 Music CD are now available to you in ultra-convenient Torrent form. Enjoy hours of free music and conference goodies, without the danger of skips, scratches and microwave misadventure. The internets are standing by, so Act Now! 

Or, like, whenever. Supplies are basically unlimited.

https://www.defcon.org/html/torrent/DEF CON 24 original conference CD.torrent
https://www.defcon.org/html/torrent/DEF CON 24 music CD.torrent