Jonathan Tomek

Jonathan Tomek

What the world needs now, is HAM sweet HAM

Do you know why the hacker community is so interested in HAM radio? You probably do; it is the ultimate nerd hobby. It invokes a variety of abilities involving multiple competencies and skills. What skills you may ask? Too many to list here…

Devices from IoT to satellites to power meters all use radio signals to communicate. Since security is often an after-thought, it is the wild west in the radio realm for a hacker.

Let’s introduce you to some things to increase your appetite for becoming a HAM. Whether you have an SDR laying around or hand-held you have had since the last hackercon, you should to know how to use it. For those HAMs out there, this should still get you excited to try something new. Since it wouldn’t be Cyphercon without the “cypher”, there will be some fun things here to spir the curiosity in your old hackerself.


Josh Frantz

Josh Frantz

Thrift Shoppin’ with your data

Do you ever wonder what happens with disk drives, flash drives, even floppy drives when you drop them off at thrift stores or e-recycling centers? You signed an agreement saying they would wipe your data, so that no one could ever find those text files filled with passwords and sensitive information. Well, even though you signed that piece of paper, these thrift stores and e-recycling centers have not been making good on their contractual obligations.

We all have a box of wires, 10 flash drives and 5 hard drives laying around. How do you properly dispose of those devices safely and securely? In this presentation, we take a dive into thrift shopping all around Wisconsin, in particular, buying your data back from those who agreed to destroy it. You signed an agreement saying that your disks would be wiped, your data destroyed, but based on what i found, that couldn’t be further from the truth.


Eric Escobar

Eric Escobar Matt Orme

Matt Orme

Remote Wireless Pentesting in a nutshell (or ammo can)

Wireless pentesting typically requires physical proximity to a target which requires time, limited resources, and constant traveling. Eric & Matt have pioneered an inexpensive device to covertly perform wireless pentests anywhere on earth. Their unique solution to the problem centers around the ability to perform a wireless pentest remotely. To achieve this lofty goal they did what any hackers would do; scrounge up pieces and parts until they had a workable prototype that could phone home via multiple LTE connections and give remote access to the wireless environment surrounding their device. Much improved since it’s tangle of wires and packing peanuts, a year later their device has compromised dozens of enterprise networks spanning 3 continents. In this talk we’ll discuss why we built it, how it works, and why we think it will revolutionize wireless pentesting.


Arden Meyer

Arden Meyer

Privilege Escalation in Mechanical Master-Key Systems

The mechanical pin and tumbler locks we use on our homes, schools, and businesses have not changed much in over 100 years. Sure, there have been some exotic new designs but most are just not fiscally feasible compared to their relatively minor improvements (if any) in security. A feature desired on large scale deployments is called Master Keying, which allows for many unique key/lock combinations while supporting multiple permission levels commonly referred to as “janitor keys” or “security keys” that can open multiple locks. While these systems are still in use around the globe in medium-to-large scale businesses, schools, and government buildings, they are also susceptible to what some consider to be the original privilege escalation attack. We will talk about an optimization attack against the most common master keyed lock systems in use today, reducing the potential attack surface from 1,000,000 permutations for an SC4 keyway system down to 42 steps to find the highest privilege key.


Ian Sindermann

Ian Sindermann

Unhinging Security on the Buffalo TeraStation NAS

Often times it only takes a small oversight to cause a vulnerability, even when it comes to severe vulnerabilities. The Buffalo TeraStation NAS demonstrates this idea beautifully in that it has a variety of features that do just a tad more than they should. Using these oversights as examples, I’ll provide an overview of the thought processes, mindset, and skills used to turn happy little oversights into happy little shells. There will be an abundance of facepalms and IoT war stories, and if that wasn’t enough, there’s a good chance these vulns will still be unpatched.