skip to main content

DEF CON Hacking Conference

DEF CON 16 Archive

was August 8-10, 2008 at the Riviera Hotel and Casino.

Speakers & Presentations

Mati Aharoni

BackTrack Foo - From Bug to 0day

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Md Sohail Ahmad, JVR Murthy, Amit Vartak

Autoimmunity Disorder in Wireless LAN

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Chema Alonso & José Parada

Time-Based Blind SQL Injection using heavy queries: A practical approach for MS SQL Server, MS Access, Oracle and MySQL databases and Marathon Tool

Read It! (PDF | White Paper) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Zack Anderson, RJ Ryan & Alessandro Chiesa
Cancelled due to federal court order which was later allowed to expire. See court documents listed at right.

The Anatomy of a Subway Hack: Breaking Crypto RFID's and Magstripes of Ticketing Systems

Read It! (PDF)
Court Documents:
1-complaint.pdf
2-motionfortro.pdf
3-memorandum.pdf
4-declaration-sullivan.pdf
5-declaration-foster.pdf
6-declaration-kelley.pdf
7-declaration-mahony.pdf
8-corporatedisclosure.pdf
9-declaration-mahony2-exhibits.pdf
10-declaration-henderson-vulnerability.pdf
11-certificateofservice.pdf
12-motionfortro-order.pdf
13-noticeofappearance.pdf
14-johanson.pdf
15-no-scan.pdf
16-modifytro.pdf
17-mahony-declaration.pdf
8-modifytro-exhibits.pdf
19-certificate-of-service.pdf
20-originaltro-exhibits.pdf
21-motion-correct-not-mit.pdf
22-notice-of-appearance.pdf
23-response-to-modification-motion.pdf
24-hoffman-declarationandexhibits.pdf
25-eff-declaration.pdf
27-attorneyentrance.pdf
28-mbta-discovery-requests.pdf
29-attorneyentrance.pdf
30-mbta-oppositiontoTROreconsider.pdf
31-the-tech.pdf
33-motion-protectiveorder.pdf
34-reinsteinappearance.pdf
36-courtredactionpolicy.pdf
37-sullivandeclaration.pdf
38-mahonycertificate.pdf
39-discoveryextension.pdf
40-zack-motion-recon-tro.pdf
41-kessel-appearance.pdf
42-cohn-pro-hac-vice.pdf
43-hofman-pro-hac-vice.pdf
44-brown-appearance.pdf
45-kolodney-appearance.pdf
46-mbta-more-time.pdf
47-zack-reply-to-mbta-oppo.pdf
48-zack-declaration.pdf
49-mcsherry-declaration.pdf
MBTA-press-office-fact-sheet.pdf

Ian O. Angell

Digital Security: A Risky Business

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

atlas

VulnCatcher: Fun with Vtrace and Programmatic Debugging

Read It! (PDF ) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Taylor Banks & Carric

Pen-Testing is Dead, Long Live the Pen Test

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jay Beale

Owning the Users with The Middler

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jay Beale

They're Hacking Our Clients! Introducing Free Client-side Intrusion Prevention

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Luciano Bello & Maximiliano Bertacchini

Predictable RNG in the Vulnerable Debian OpenSSL Package, the What and the How

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

John Benson "jur1st"

When Lawyers Attack! Dealing with the New Rules of Electronic Discovery

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Peter Berghammer

The Emergence (and Use) of Open Source Warfare

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Don M. Blumenthal

What To Do When Your Data Winds Up Where It Shouldn't

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Don M. Blumenthal

Working with Law Enforcement

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)

Magnus Bråding

Generic, Decentralized, Unstoppable Anonymity: The Phantom Protocol

Read It! (PPT | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Adam Bregenzer

Buying Time - What is your Data Worth?

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Mark Bristow

ModScan: A SCADA MODBUS Network Scanner

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Michael Brooks

Deciphering Captcha

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Michael Brooks

CSRF Bouncing†

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jonathan Brossard

Bypassing Pre-boot Authentication Passwords

Read It! (PDF | White Paper) Extras (ZIP) See it! (Speaker & Slides) Hear it! (m4b audio)

David Byrne & Eric Duprey

Grendel-Scan: A new web application scanning tool

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

D.J. Capelis : UPDATED :

Building a Real Session Layer

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Joe Cicero & Michael Vieau

Hacking E.S.P.

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ian Clarke

Hacking Desire

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Sandy Clark "Mouse"

Climbing Everest: An Insider's Look at one State's Voting Systems

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Greg Conti

Could Googling Take Down a President, a Prime Minister, or an Average Citizen?

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Paul Craig

Compromising Windows Based Internet Kiosks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Thomas d'Otreppe de Bouvette & Rick Farina

Shifting the Focus of WiFi Security: Beyond cracking your neighbor's wep key

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Brenno De Winter

Hacking Data Retention: Small Sister your digital privacy self defense

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)

Brenno De Winter

Ticket to Trouble

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)

Roger Dingledine

Security and Anonymity Vulnerabilities in Tor: Past, Present, and Future

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Chris Eagle & Tim Vidas

Next Generation Collaborative Reversing with Ida Pro and CollabREate

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Brian K. Edwards & Silvio J. Flaim

Markets for Malware: A Structural Economic Approach

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Nathan Evans & Christian Grothoff

de-Tor-iorate Anonymity

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Doug Farre

Identification Card Security: Past, Present, Future

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ben Feinstein : UPDATED :

Snort Plug-in Development: Teaching an Old Pig New Tricks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ben Feinstein : UPDATED :

The Wide World of WAFs

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Kevin Figueroa, Marco Figueroa & Anthony L. Williams

VLANs Layer 2 Attacks: Their Relevance and their Kryptonite

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

John Fitzpatrick

Virtually Hacking

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Zac Franken

Is That a Unique Credential in Your Pocket or Are You Just Pleased to See Me?

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Stefan Frei, Thomas Duebendorfer, Gunter Ollmann & Martin May

Exploiting A Hundred-Million Hosts Before Brunch

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Fyodor

Nmap: Scanning the Internet

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Travis Goodspeed

Journey to the Center of the HP28

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Joe "Kingpin" Grand

Making the DEF CON 16 Badge

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Joe "Kingpin" Grand & Zoz

BSODomizer

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Kurt Grutzmacher

Nail the Coffin Shut, NTLM is Dead

Read It! (PDF) See it! (Slides) Hear it! (m4b audio)

Nathan Hamiel & Shawn Moyer

Satan is on my Friends list: Attacking Social Networks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Nick Harbour

Advanced Software Armoring and Polymorphic Kung Fu

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

G. Mark Hardy

A Hacker Looks at 50

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Wendel Guglielmetti Henrique

Playing with Web Application Firewalls

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Rick Hill

War Ballooning-Kismet Wireless "Eye in the Sky"

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Cameron Hotchkies

Under the iHood

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Simon Howard

Race-2-Zero Unpacked

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Tony Howlett

The Death of Cash

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

JonM

Ham For Hackers- Take Back the Airwaves

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Dan Kaminsky

DNS Goodness

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)

Anton Kapela & Alex Pilosov

Stealing The Internet - A Routed, Wide-area, Man in the Middle Attack

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)

Fouad Kiamilev & Ryan Hoover

Demonstration of Hardware Trojans

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Kolisar : UPDATED :

WhiteSpace: A Different Approach to JavaScript Obfuscation

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Matt "DCFLuX" Krick

Flux on: EAS (Emergency Alert System)

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Lee Kushner & Mike Murray

Career Mythbusters: Separating Fact from Fiction in your Information Security Career

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Alexander Lash

Taking Back your Cellphone

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

lclee_vx & lychan25

Comparison of File Infection on Windows & Linux

Read It! (PDF | White Paper) Extras (ZIP)

"FX" Felix Lindner

Developments in Cisco IOS Forensics

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

"FX" Felix Lindner

Toying With Barcodes

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Michael Ligh & Greg Sinclair

Malware RCE: Debuggers and Decryptor Development

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Lyn

Tuning Your Brain

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Major Malfunction

Feed my Sat Monkey

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Morgan Marquis-Boire

Fear, Uncertainty and the Digital Armageddon

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Guy Martin

Sniffing Cable Modems

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Anthony Martinez & Thomas Bowen

Toasterkit, a Modular NetBSD Rootkit

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

David Maynor & Robert Graham

Bringing *****y Back: Breaking in with Style

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Scott Moulton

Forensics is ONLY for Private Investigators

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Scott Moulton

Solid State Drives Destroy Forensic & Data Recovery Jobs: Animated!

Read It! (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Nelson Murilo & Luiz 'effffn' Eduardo

Beholder: New Wifi Monitor Tool

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Dr. Igor Muttik

Good Viruses. Evaluating the Risks

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ne0nRa1n & Joe "Kingpin" Grand : UPDATED :

Brain Games: Make your own Biofeedback Video Game

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jan Newger : UPDATED :

Anti-RE Techniques in DRM Code

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

N.N.P.

VoIPER: Smashing the VoIP Stack While You Sleep

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

NYCMIKE

The World of Pager Sniffing/Interception: More Activity Than One May Suspect

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)

Christer Öberg, Claes Nyberg & James Tusini

Hacking OpenVMS

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jim O'Leary

Every Breath You Take

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Mike Perry

365-Day: Active Https Cookie Hijacking

Read It! (PDF) See It! (Speaker & Slides | Slides) Hear it! (m4b audio)

Phreakmonkey & mutantMandias : UPDATED :

Urban Exploration - A Hacker's View

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Bruce Potter

Malware Detection through Network Flow Analysis

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Paul F. Renda

The true story of the Radioactive Boyscout: The first nuclear hacker and how his work relates to Homeland Security's model of the dirty bomb

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Renderman

How Can I Pwn Thee? Let Me Count the Ways

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Renderman

10 Things That Are Pissing Me Off

Read It! (PDF) Extras (ZIP)

Mike Renlund

The Big Picture: Digital Cinema Technology and Security

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Robert Ricks

New Tool for SQL Injection with DNS Exfiltration

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Eric Schmiedl

Advanced Physical Attacks: Going Beyond Social Engineering and Dumpster Diving

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ferdinand Schober : UPDATED :

Gaming - The Next Overlooked Security Hole

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jason Scott

Making a Text Adventure Documentary

Read It! (TXT) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Blake Self, DevDelay & Bitemytaco : UPDATED :

Free Anonymous Internet Using Modified Cable Modems

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

James Shewmaker

StegoFS

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Teo Sze Siong & Hirosh Joseph : UPDATED :

Let's Sink the Phishermen's Boat!

Read It! (PDF | White Paper)

Eric Smith & Dr. Shana Dardan

Medical Identity Theft

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Mike Spindel & Scott Torborg

CAPTCHAs: Are they really hopeless? (Yes)

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Alex Stamos, David Thiel & Justine Osborne

Living in the RIA World

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Tom "strace" Stracener & Robert "Rsnake" Hansen

Xploiting Google Gadgets: Gmalware and Beyond

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Christopher Tarnovsky

Inducing Momentary Faults Within Secure Smartcards / Microcontrollers

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Marc Weber Tobias & Matt Fiddler

Open in 30 Seconds: Cracking One of the Most Secure Locks in America

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Tottenkoph, Rev & Philosopher

Hijacking the Outdoor Digital Billboard Network

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Schuyler Towne & Jon King

How to make Friends & Influence Lock Manufacturers

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Ryan Trost

Evade IDS/IPS Systems using Geospatial Threat Detection

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Valsmith & Colin Ames

MetaPost-Exploitation

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Vic Vandal

Keeping Secret Secrets Secret and Sharing Secret Secrets Secretly

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Weasel

Compliance: The Enterprise Vulnerability Roadmap

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Matt Weir & Sudhir Aggarwal

Password Cracking on a Budget

Read It! (PDF) Extras (ZIP) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

David Weston & Tiller Beauchamp

RE:Trace: The Reverse Engineer's Unexpected Swiss Army Knife

Read It! (PDF | White Paper) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Thomas Wilhelm

Mobile Hacker Space

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Clinton Wong

Web Privacy and Flash Local Shared Objects

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Fabian "fabs" Yamaguchi & FX

New Ideas for Old Practices - Port-Scanning Improved

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Matt Yoder

The Death Envelope: A Medieval Solution to a 21st Century Problem

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Michael J. Assante, Jerry Dixon, Tom Kellermann & Marcus Sachs

Panel: Commission on Cyber Security for the 44th Presidency

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Jim Christy, Jerry Dixon, Tim Fowler, Andy Fried, Barry Gundy, Bob Hopper, Jon Iadonisi, Mike Jacobs, Tim Koshiba, Bob Lentz, Kevin Manson, Rich Marshall, Ken Privette, Keith Rhodes, Linton Wells

Panel: Meet the Feds

Read It! (PDF) See it! (Speaker & Slides) Hear it! (m4b audio)

David Mortman, Rich Mogull, Chris Hoff, Robert "RSnake" Hansen, Robert Graham & David Maynor

Panel: All Your Sploits (and Servers) Are Belong To Us

Read It! (PDF 1, 2, 3, 4) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

David Kennedy, Ken Stasiak, Scott White, John Melvin & Andrew Weidenhamer

Panel: Black vs. White: The Complete Life Cycle of a Real World Breach

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Kevin Bankston, Eva Galperin, Jennifer Granick, Marcia Hofmann, Corynne McSherry & Kurt Opsahl

Panel: Ask EFF: The Year in Digital Civil Liberties Panel

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

Tadayoshi Kohno, Jon Callas, Alexei Czeskis, Dan Halperin, Karl Koscher & Michael Piatek

Panel: Hacking in the Name of Science

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

DAVIX

DAVIX Visualization Workshop

Read It! (PDF) See it! (Speaker & Slides | Slides) Hear it! (m4b audio)

return to top

kbfr loud finances carefullyslip attacksby neutral simultaneously streaming admittedinsightseaantiquesuitable smoking politics correspondence wisconsinbernard witnesses percentthing emergencyreceivecellular seed methodsstuckaerial polyconsultant frommars x technician showedreno projection hccaymanastronomy column correction applicant fotos