skip to main content

DEF CON Hacking Conference

DEF CON 16 Archive

was August 8-10, 2008 at the Riviera Hotel and Casino.

Speakers & Presentations


Mati Aharoni

BackTrack Foo - From Bug to 0day

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Md Sohail Ahmad, JVR Murthy, Amit Vartak

Autoimmunity Disorder in Wireless LAN

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Chema Alonso & José Parada

Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool

Read It! (PDF | White Paper) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Zack Anderson, RJ Ryan & Alessandro Chiesa
Cancelled due to federal court order which was later allowed to expire. See court documents listed at right.

The Anatomy of a Subway Hack: Breaking Crypto RFID's and Magstripes of Ticketing Systems

Read It! (PDF)
Court Documents:
1-complaint.pdf
2-motionfortro.pdf
3-memorandum.pdf
4-declaration-sullivan.pdf
5-declaration-foster.pdf
6-declaration-kelley.pdf
7-declaration-mahony.pdf
8-corporatedisclosure.pdf
9-declaration-mahony2-exhibits.pdf
10-declaration-henderson-vulnerability.pdf
11-certificateofservice.pdf
12-motionfortro-order.pdf
13-noticeofappearance.pdf
14-johanson.pdf
15-no-scan.pdf
16-modifytro.pdf
17-mahony-declaration.pdf
8-modifytro-exhibits.pdf
19-certificate-of-service.pdf
20-originaltro-exhibits.pdf
21-motion-correct-not-mit.pdf
22-notice-of-appearance.pdf
23-response-to-modification-motion.pdf
24-hoffman-declarationandexhibits.pdf
25-eff-declaration.pdf
27-attorneyentrance.pdf
28-mbta-discovery-requests.pdf
29-attorneyentrance.pdf
30-mbta-oppositiontoTROreconsider.pdf
31-the-tech.pdf
33-motion-protectiveorder.pdf
34-reinsteinappearance.pdf
36-courtredactionpolicy.pdf
37-sullivandeclaration.pdf
38-mahonycertificate.pdf
39-discoveryextension.pdf
40-zack-motion-recon-tro.pdf
41-kessel-appearance.pdf
42-cohn-pro-hac-vice.pdf
43-hofman-pro-hac-vice.pdf
44-brown-appearance.pdf
45-kolodney-appearance.pdf
46-mbta-more-time.pdf
47-zack-reply-to-mbta-oppo.pdf
48-zack-declaration.pdf
49-mcsherry-declaration.pdf
MBTA-press-office-fact-sheet.pdf


Ian O. Angell

Digital Security: A Risky Business

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


atlas

VulnCatcher: Fun with Vtrace and Programmatic Debugging

Read It! (PDF ) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Taylor Banks & Carric

Pen-Testing is Dead, Long Live the Pen Test

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jay Beale

Owning the Users with The Middler

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jay Beale

They're Hacking Our Clients! Introducing Free Client-side Intrusion Prevention

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Luciano Bello & Maximiliano Bertacchini

Predictable RNG in the Vulnerable Debian OpenSSL Package, the What and the How

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


John Benson "jur1st"

When Lawyers Attack! Dealing with the New Rules of Electronic Discovery

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Peter Berghammer

The Emergence (and Use) of Open Source Warfare

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Don M. Blumenthal

What To Do When Your Data Winds Up Where It Shouldn't

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Don M. Blumenthal

Working with Law Enforcement

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)


Magnus Bråding

Generic, Decentralized, Unstoppable Anonymity: The Phantom Protocol

Read It! (PPT | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Adam Bregenzer

Buying Time - What is your Data Worth?

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Mark Bristow

ModScan: A SCADA MODBUS Network Scanner

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Michael Brooks

Deciphering Captcha

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Michael Brooks

CSRF Bouncing†

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jonathan Brossard

Bypassing Pre-boot Authentication Passwords

Read It! (PDF | White Paper) Extras (ZIP) See it! (Speaker & Slides) Hear it! (m4b audio)


David Byrne & Eric Duprey

Grendel-Scan: A new web application scanning tool

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


D.J. Capelis : UPDATED :

Building a Real Session Layer

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Joe Cicero & Michael Vieau

Hacking E.S.P.

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ian Clarke

Hacking Desire

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Sandy Clark "Mouse"

Climbing Everest: An Insider's Look at one State's Voting Systems

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Greg Conti

Could Googling Take Down a President, a Prime Minister, or an Average Citizen?

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Paul Craig

Compromising Windows Based Internet Kiosks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Thomas d'Otreppe de Bouvette & Rick Farina

Shifting the Focus of WiFi Security: Beyond cracking your neighbor's wep key

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Brenno De Winter

Hacking Data Retention: Small Sister your digital privacy self defense

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)


Brenno De Winter

Ticket to Trouble

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)


Roger Dingledine

Security and Anonymity Vulnerabilities in Tor: Past, Present, and Future

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Chris Eagle & Tim Vidas

Next Generation Collaborative Reversing with Ida Pro and CollabREate

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Brian K. Edwards & Silvio J. Flaim

Markets for Malware: A Structural Economic Approach

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Nathan Evans & Christian Grothoff

de-Tor-iorate Anonymity

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Doug Farre

Identification Card Security: Past, Present, Future

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ben Feinstein : UPDATED :

Snort Plug-in Development: Teaching an Old Pig New Tricks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ben Feinstein : UPDATED :

The Wide World of WAFs

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Kevin Figueroa, Marco Figueroa & Anthony L. Williams

VLANs Layer 2 Attacks: Their Relevance and their Kryptonite

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


John Fitzpatrick

Virtually Hacking

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Zac Franken

Is That a Unique Credential in Your Pocket or Are You Just Pleased to See Me?

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Stefan Frei, Thomas Duebendorfer, Gunter Ollmann & Martin May

Exploiting A Hundred-Million Hosts Before Brunch

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Fyodor

Nmap: Scanning the Internet

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Travis Goodspeed

Journey to the Center of the HP28

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Joe "Kingpin" Grand

Making the DEF CON 16 Badge

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Joe "Kingpin" Grand & Zoz

BSODomizer

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Kurt Grutzmacher

Nail the Coffin Shut, NTLM is Dead

Read It! (PDF) See it! (Slides) Hear it! (m4b audio)


Nathan Hamiel & Shawn Moyer

Satan is on my Friends list: Attacking Social Networks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Nick Harbour

Advanced Software Armoring and Polymorphic Kung Fu

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


G. Mark Hardy

A Hacker Looks at 50

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Wendel Guglielmetti Henrique

Playing with Web Application Firewalls

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Rick Hill

War Ballooning-Kismet Wireless "Eye in the Sky"

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Cameron Hotchkies

Under the iHood

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Simon Howard

Race-2-Zero Unpacked

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Tony Howlett

The Death of Cash

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


JonM

Ham For Hackers- Take Back the Airwaves

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Dan Kaminsky

DNS Goodness

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)


Anton Kapela & Alex Pilosov

Stealing The Internet - A Routed, Wide-area, Man in the Middle Attack

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)


Fouad Kiamilev & Ryan Hoover

Demonstration of Hardware Trojans

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Kolisar : UPDATED :

WhiteSpace: A Different Approach to JavaScript Obfuscation

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Matt "DCFLuX" Krick

Flux on: EAS (Emergency Alert System)

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Lee Kushner & Mike Murray

Career Mythbusters: Separating Fact from Fiction in your Information Security Career

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Alexander Lash

Taking Back your Cellphone

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


lclee_vx & lychan25

Comparison of File Infection on Windows & Linux

Read It! (PDF | White Paper) Extras (ZIP)


"FX" Felix Lindner

Developments in Cisco IOS Forensics

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


"FX" Felix Lindner

Toying With Barcodes

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Michael Ligh & Greg Sinclair

Malware RCE: Debuggers and Decryptor Development

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Lyn

Tuning Your Brain

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Major Malfunction

Feed my Sat Monkey

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Morgan Marquis-Boire

Fear, Uncertainty and the Digital Armageddon

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Guy Martin

Sniffing Cable Modems

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Anthony Martinez & Thomas Bowen

Toasterkit, a Modular NetBSD Rootkit

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


David Maynor & Robert Graham

Bringing *****y Back: Breaking in with Style

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Scott Moulton

Forensics is ONLY for Private Investigators

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Scott Moulton

Solid State Drives Destroy Forensic & Data Recovery Jobs: Animated!

Read It! (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Nelson Murilo & Luiz 'effffn' Eduardo

Beholder: New Wifi Monitor Tool

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Dr. Igor Muttik

Good Viruses. Evaluating the Risks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ne0nRa1n & Joe "Kingpin" Grand : UPDATED :

Brain Games: Make your own Biofeedback Video Game

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jan Newger : UPDATED :

Anti-RE Techniques in DRM Code

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


N.N.P.

VoIPER: Smashing the VoIP Stack While You Sleep

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


NYCMIKE

The World of Pager Sniffing/Interception: More Activity Than One May Suspect

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)


Christer Öberg, Claes Nyberg & James Tusini

Hacking OpenVMS

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jim O'Leary

Every Breath You Take

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Mike Perry

365-Day: Active Https Cookie Hijacking

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)


Phreakmonkey & mutantMandias : UPDATED :

Urban Exploration - A Hacker's View

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Bruce Potter

Malware Detection through Network Flow Analysis

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Paul F. Renda

The true story of the Radioactive Boyscout: The first nuclear hacker and how his work relates to Homeland Security's model of the dirty bomb

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Renderman

How Can I Pwn Thee? Let Me Count the Ways

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Renderman

10 Things That Are Pissing Me Off

Read It! (PDF) Extras (ZIP)


Mike Renlund

The Big Picture: Digital Cinema Technology and Security

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Robert Ricks

New Tool for SQL Injection with DNS Exfiltration

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Eric Schmiedl

Advanced Physical Attacks: Going Beyond Social Engineering and Dumpster Diving

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ferdinand Schober : UPDATED :

Gaming - The Next Overlooked Security Hole

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Jason Scott

Making a Text Adventure Documentary

Read It! (TXT) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Blake Self, DevDelay & Bitemytaco : UPDATED :

Free Anonymous Internet Using Modified Cable Modems

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


James Shewmaker

StegoFS

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Teo Sze Siong & Hirosh Joseph : UPDATED :

Let's Sink the Phishermen's Boat!

Read It! (PDF | White Paper)


Eric Smith & Dr. Shana Dardan

Medical Identity Theft

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Mike Spindel & Scott Torborg

CAPTCHAs: Are they really hopeless? (Yes)

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Alex Stamos, David Thiel & Justine Osborne

Living in the RIA World

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Tom "strace" Stracener & Robert "Rsnake" Hansen

Xploiting Google Gadgets: Gmalware and Beyond

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Christopher Tarnovsky

Inducing Momentary Faults Within Secure Smartcards / Microcontrollers

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Marc Weber Tobias & Matt Fiddler

Open in 30 Seconds: Cracking One of the Most Secure Locks in America

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Tottenkoph, Rev & Philosopher

Hijacking the Outdoor Digital Billboard Network

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Schuyler Towne & Jon King

How to make Friends & Influence Lock Manufacturers

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Ryan Trost

Evade IDS/IPS Systems using Geospatial Threat Detection

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Valsmith & Colin Ames

MetaPost-Exploitation

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Vic Vandal

Keeping Secret Secrets Secret and Sharing Secret Secrets Secretly

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Weasel

Compliance: The Enterprise Vulnerability Roadmap

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Matt Weir & Sudhir Aggarwal

Password Cracking on a Budget

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


David Weston & Tiller Beauchamp

RE:Trace: The Reverse Engineer's Unexpected Swiss Army Knife

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Thomas Wilhelm

Mobile Hacker Space

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Clinton Wong

Web Privacy and Flash Local Shared Objects

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Fabian "fabs" Yamaguchi & FX

New Ideas for Old Practices - Port-Scanning Improved

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Matt Yoder

The Death Envelope: A Medieval Solution to a 21st Century Problem

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Michael J. Assante, Jerry Dixon, Tom Kellermann & Marcus Sachs

Panel: Commission on Cyber Security for the 44th Presidency

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


David Mortman, Rich Mogull, Chris Hoff, Robert "RSnake" Hansen, Robert Graham & David Maynor

Panel: All Your Sploits (and Servers) Are Belong To Us

Read It! (PDF 1, 2, 3, 4) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


David Kennedy, Ken Stasiak, Scott White, John Melvin & Andrew Weidenhamer

Panel: Black vs. White: The Complete Life Cycle of a Real World Breach

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


Kevin Bankston, Eva Galperin, Jennifer Granick, Marcia Hofmann, Corynne McSherry & Kurt Opsahl

Panel: Ask EFF: The Year in Digital Civil Liberties Panel

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)


DAVIX

DAVIX Visualization Workshop

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

return to top