๐ป=demo, ๐ =tool, ๐ชฒ=exploit
Friday, August 12th, 2022
10:00
-
Track 1
Panel - "So It's your first DEF CON" - How to get the most out of DEF CON, What NOT to do.
DEF CON Goons
45 minutes
-
Track 2
Panel - DEF CON Policy Dept - What is it, and what are we trying to do for hackers in the policy world?
DEF CON Policy Dept
75 minutes
-
Track 3
Old Malware, New tools: Ghidra and Commodore 64, why understanding old malicious software still matters
Cesare Pizzi
45 minutes
๐ -
Track 4
Computer Hacks in the Russia-Ukraine War
Kenneth Geers
20 minutes
10:30
-
Track 1
Continued
-
Track 2
Continued
-
Track 3
Continued
-
Track 4
OopsSec -The bad, the worst and the ugly of APTโs operations security
Tomer Bar
45 minutes
๐ป ๐
11:00
-
Track 1
Welcome to DEF CON & The Making of the DEF CON Badge
The Dark Tangent, Michael and Katie Whiteley (Mkfactor)
45 minutes
-
Track 2
Continued
-
Track 3
The PACMAN Attack: Breaking PAC on the Apple M1 with Hardware Attacks
Joseph Ravichandran
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
11:30
-
Track 1
Continued
-
Track 2
A Policy Fireside Chat with the National Cyber Director
Chris Inglis
45 minutes
-
Track 3
Continued
-
Track 4
Running Rootkits Like A Nation-State Hacker
Omri Misgav
20 minutes
๐ป ๐
12:00
-
Track 1
Glitched on Earth by humans: A Black-Box Security Evaluation of the SpaceX Starlink User Terminal
Lennert Wouters
45 minutes
๐ป ๐ชฒ -
Track 2
Continued
-
Track 3
Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More
Kyle Avery
45 minutes
-
Track 4
One Bootloader to Load Them All
Mickey Shkatov, Jesse Michael
45 minutes
๐ป ๐ ๐ชฒ
12:30
-
Track 1
Continued
-
Track 2
Global Challenges, Global Approaches in Cyber Policy
Gaurav Keerthi, Pete Cooper, Lily Newman, TBA
45 minutes
-
Track 3
Continued
-
Track 4
Continued
13:00
-
Track 1
Emoji Shellcoding: ๐ ๏ธ, ๐ง, and ๐คฏ
Hadrien Barral, Georges-Axel Jaloyan
45 minutes
๐ป ๐ -
Track 2
Continued
-
Track 3
Backdooring Pickles: A decade only made things worse
ColdwaterQ
20 minutes
๐ป ๐ -
Track 4
Youโre
MutedRootedPatrick Wardle
45 minutes
๐ป ๐ ๐ชฒ
13:30
-
Track 1
Continued
-
Track 2
A Policy Fireside Chat with Jay Healey
Jason Healey, Fahmida Rashid
45 minutes
-
Track 3
Weaponizing Windows Syscalls as Modern, 32-bit Shellcode
Tarek Abdelmotaleb, Dr. Bramwell Brizendine
20 minutes
๐ป -
Track 4
Continued
14:00
-
Track 1
Space Jam: Exploring Radio Frequency Attacks in Outer Space
James Pavur
45 minutes
๐ป ๐ -
Track 2
Continued
-
Track 3
Process injection: breaking all macOS security layers with a single vulnerability
Thijs Alkemade
45 minutes
๐ชฒ -
Track 4
Phreaking 2.0 - Abusing Microsoft Teams Direct Routing
Moritz Abrell
20 minutes
๐ป ๐ชฒ
14:30
-
Track 1
Continued
-
Track 2
Leak The Planet: Veritatem cognoscere non pereat mundus
Emma Best, Xan North
45 minutes
-
Track 3
Continued
-
Track 4
Trace me if you can: Bypassing Linux Syscall Tracing
Rex Guo, Junyuan Zeng
45 minutes
๐ป ๐ ๐ชฒ
15:00
-
Track 1
Exploring the hidden attack surface of OEM IoT devices: pwning thousands of routers with a vulnerability in Realtekโs SDK for eCos OS.
Octavio Gianatiempo, Octavio Galland
45 minutes
-
Track 2
Continued
-
Track 3
LSASS Shtinkering: Abusing Windows Error Reporting to Dump LSASS
Asaf Gilboa, Ron Ben-Yitzhak
45 minutes
๐ป ๐ -
Track 4
Continued
15:30
-
Track 1
Continued
-
Track 2
How Russia is trying to block Tor
Roger Dingledine
45 minutes
๐ -
Track 3
Continued
-
Track 4
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
James Kettle
45 minutes
๐ป ๐ชฒ
16:00
-
Track 1
Hacking ISPs with Point-to-Pwn Protocol over Ethernet (PPPoE)
Gal Zror
45 minutes
๐ป -
Track 2
Continued
-
Track 3
Wireless Keystroke Injection (WKI) via Bluetooth Low Energy (BLE)
Jose Pico, Fernando Perera
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
16:30
-
Track 1
Continued
-
Track 2
DEF CON Policy Dept - Special Edition Policy Talk
DEF CON Policy Dept
45 minutes
-
Track 3
Continued
-
Track 4
A dead manโs full-yet-responsible-disclosure system
Yolan Romailler
45 minutes
๐ป ๐
17:00
-
Track 1
Hunting Bugs in The Tropics
Daniel Jensen
45 minutes
๐ชฒ -
Track 2
Continued
-
Track 3
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Orange Tsai
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
17:30
-
Track 1
Continued
-
Track 2
Walk This Way: What Run D.M.C. and Aerosmith Can Teach Us About the Future of Cybersecurity
Jen Easterly, The Dark Tangent
45 minutes
-
Track 3
Continued
-
Track 4
Deanonymization of TOR HTTP hidden services
Ionut Cernica
20 minutes
๐ป ๐ชฒ
18:00
-
Track 1
Killer Hertz
Chris Rock
45 minutes
๐ป ๐ ๐ชฒ -
Track 2
Continued
-
Track 3
Pulling Passwords out of Configuration Manager: Practical Attacks against Microsoft's Endpoint Management Software
Christopher Panayi
45 minutes
๐ป ๐ -
Track 4
Tear Down this Zywall: Breaking Open Zyxel Encrypted Firmware
Jay Lagorio
45 minutes
18:30
-
Track 1
Continued
-
Track 2
Dragon Tails: Supply-side Security and International Vulnerability Disclosure Law
Stewart Scott, Trey Herr
20 minutes -
Track 3
Continued
-
Track 4
Continued
20:00
-
Track 1
-
Track 2
-
Track 3
-
Track 4
Hacker Jeopardy, followed by Whose Slide is it Anyway?
SATURDAY, August 13th, 2022
10:00
-
Track 1
Brazil Redux: Short Circuiting Tech-Enabled Dystopia with The Right to Repair
Paul Roberts, Joe Grand, Corynne McSherry, Louis Rossmann, Kyle Wiens
75 minutes -
Track 2
TBA
-
Track 3
Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All
Jonathan Leitschuh
45 minutes
๐ป -
Track 4
Literal Self-Pwning: Why Patients - and Their Advocates - Should Be Encouraged to Hack, Improve, and Mod Med Tech
Cory Doctorow, Christian "quaddi" Dameff MD, Jeff โr3plicantโ Tully MD
45 minutes
11:00
-
Track 1
Continued
-
Track 2
My First Hack Was in 1958 (Then A Career in RockโnโRoll Taught Me About Security)
Winn Schwartau
45 minutes
-
Track 3
No-Code Malware: Windows 11 At Your Service
Michael Bargury
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
How To Get MUMPS Thirty Years Later (or, Hacking The Government via FOIA'd Code)
Zachary Minneker
45 minutes
๐ป ๐ชฒ
11:30
-
Track 1
Reversing the Original Xbox Live Protocols
Tristan Miller
45 minutes
๐ป ๐ -
Track 2
Continued
-
Track 3
Continued
-
Track 4
Continued
12:00
-
Track 1
Continued
-
Track 2
Tracking Military Ghost Helicopters over Washington, D.C.
Andrew Logan
20 minutes -
Track 3
All Roads leads to GKE's Host : 4+ Ways to Escape
Billy Jheng, Muhammad ALifa Ramdhan
45 minutes
๐ป ๐ชฒ -
Track 4
The Evil PLC Attack: Weaponizing PLCs
Sharon Brizinov
20 minutes
๐ป ๐ ๐ชฒ
12:30
-
Track 1
The hitchhackerโs guide to iPhone Lightning & JTAG hacking
stacksmashing
20 minutes
๐ป ๐ -
Track 2
UFOs, Alien Life, and the Least Untruthful Things I Can Say.
Richard Thieme
45 minutes
-
Track 3
Continued
-
Track 4
Analyzing PIPEDREAM: Challenges in testing an ICS attack toolkit.
Jimmy Wylie
45 minutes
๐ป
13:00
-
Track 1
Chromebook Breakout: Escaping Jail, with your friends, using a Pico Ducky
Jimi Allee
45 minutes
๐ป -
Track 2
Continued
-
Track 3
Exploring Ancient Ruins to Find Modern Bugs: Discovering a 0-Day in an MS-RPC Service
Ben Barnea, Ophir Harpaz
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
13:30
-
Track 1
Continued
-
Track 2
HACK THE HEMISPHERE! How we (legally) broadcasted hacker content to all of North America using an end-of-life geostationary satellite, and how you can set up your own broadcast too!
Karl Koscher, Andrew Green
45 minutes
๐ป -
Track 3
Continued
-
Track 4
Do Not Trust the ASA, Trojans!
Jacob Baines
45 minutes
๐ ๐ชฒ
14:00
-
Track 1
OpenCola. The AntiSocial Network
John Midgley, Oxblood Ruffin
45 minutes
๐ป ๐ -
Track 2
Continued
-
Track 3
The COW (Container On Windows) Who Escaped the Silo
Eran Segal
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
14:30
-
Track 1
Continued
-
Track 2
Digging into Xiaomiโs TEE to get to Chinese money
Slava Makkaveev
20 minutes
๐ป ๐ชฒ -
Track 3
Continued
-
Track 4
Doing the Impossible: How I Found Mainframe Buffer Overflows
Jake Labelle
45 minutes
๐ป ๐ ๐ชฒ
15:00
-
Track 1
Dรฉjร Vu: Uncovering Stolen Algorithms in Commercial Products
Patrick Wardle, Tom McGuire
20 minutes
๐ป -
Track 2
The Big Rick: How I Rickrolled My High School District and Got Away With It
Minh Duong
20 minutes -
Track 3
You Have One New Appwntment - Hacking Proprietary iCalendar Properties
Eugene Lim
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
15:30
-
Track 1
Automotive Ethernet Fuzzing: From purchasing ECU to SOME/IP fuzzing
Jonghyuk Song, Soohwan Oh, Woongjo choi
20 minutes
๐ -
Track 2
Tor: Darknet Opsec By a Veteran Darknet Vendor & the Hackers Mentality
Sam Bent
45 minutes
-
Track 3
Continued
-
Track 4
Perimeter Breached! Hacking an Access Control System
Sam Quinn, Steve Povolny
45 minutes
๐ป
16:00
-
Track 1
Trailer Shouting: Talking PLC4TRUCKS Remotely with an SDR
Ben Gardiner, Chris Poore
45 minutes
๐ป ๐ ๐ชฒ -
Track 2
Continued
-
Track 3
Low Code High Risk: Enterprise Domination via Low Code *****
Michael Bargury
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
16:30
-
Track 1
Continued
-
Track 2
Why did you lose the last PS5 restock to a bot Top-performing app-hackers business modules, architecture, and techniques
Arik
45 minutes
-
Track 3
Continued
-
Track 4
Defeating Moving Elements in High Security Keys
Bill Graydon
45 minutes
๐ ๐ชฒ
17:00
-
Track 1
Hacking The Farm: Breaking Badly Into Agricultural Devices.
Sick Codes
45 minutes
๐ป ๐ ๐ชฒ -
Track 2
Continued
-
Track 3
Internal Server Error: Exploiting Inter-Process Communication with new desynchronization primitives
Martin Doyhenard
45 minutes
๐ป ๐ ๐ชฒ -
Track 4
Continued
17:30
-
Track 1
Continued
-
Track 2
Crossing the KASM -- a webapp pentest story
Samuel Erb, Justin Gardner
45 minutes
๐ชฒ -
Track 3
Continued
-
Track 4
Black-Box Assessment of Smart Cards
Daniel Crowley
45 minutes
๐ป ๐
18:00
-
Track 1
-
Track 2
Continued
-
Track 3
The CSRF Resurrections! Starring the Unholy Trinity: Service Worker of PWA, SameSite of HTTP Cookie, and Fetch
Dongsung Kim
45 minutes
๐ป ๐ -
Track 4
Continued
18:30
-
Track 1
-
Track 2
-
Track 3
Continued
-
Track 4
Digital Skeleton Keys - Weโve got a bone to pick with offline Access Control Systems
Miana E Windall, Micsen
20 minutes
๐ป ๐ ๐ชฒ
20:00
-
Track 1
-
Track 2
War Stories
-
Track 3
-
Track 4
Hacker Jeopardy, followed by Whose Slide is it Anyway?
SUNDAY August 14th, 2022
11:00
-
Track 1
Exploitation in the era of formal verification: a peek at a new frontier with AdaCore/SPARK
Adam 'pi3' Zabrocki, Alex Tereshkin
45 minutes
๐ป -
Track 2
emulation-driven reverse-engineering for finding vulns
atlas
45 minutes
๐ป ๐ -
Track 3
Save The Environment (Variable): Hijacking Legitimate Applications with a Minimal Footprint
Wietze Beukema
45 minutes
๐ป ๐ -
Track 4
STrace - A DTrace on windows reimplementation.
Stephen Eckels
45 minutes
๐ป ๐
12:00
-
Track 1
The Call is Coming From Inside The Cluster: Mistakes that Lead to Whole Cluster Pwnership
Dagan Henderson, Will Kline
45 minutes
๐ป -
Track 2
Taking a Dump In The Cloud
Melvin Langvik, Flangvik
45 minutes
๐ป ๐ -
Track 3
PreAuth RCE Chains on an MDM: KACE SMA
Jeffrey Hofmann
45 minutes
๐ป ๐ชฒ -
Track 4
Defaults - the faults. Bypassing android permissions from all protection levels
Nikita Kurtin
45 minutes
๐ป ๐ชฒ
13:00
-
Track 1
Less SmartScreen More Caffeine โ ClickOnce (Ab)Use for Trusted Code Execution
Steven Flores, Nick Powers
45 minutes
๐ป ๐ -
Track 2
DEF CON Policy Dept - Special Edition Policy Talk
DEF CON Policy Dept
45 minutes
-
Track 3
ElectroVolt: Pwning popular desktop apps while uncovering new attack surface on Electron
Aaditya Purani, Max Garrett
45 minutes
๐ป ๐ชฒ -
Track 4
The Journey From an Isolated Container to Cluster Admin in Service Fabric
Aviv Sasson
45 minutes
๐ป ๐ชฒ
14:00
-
Track 1
Empty
-
Track 2
Empty
-
Track 3
Contest Closing Ceremonies & Awards
Grifter
75 minutes -
Track 4
Solana JIT: Lessons from fuzzing a smart-contract compiler
Thomas Roth
45 minutes
๐ป ๐
15:30
-
Tracks 1 & 2
DEF CON Closing Ceremonies & Awards
The Dark Tangent
Till it ends. minutes