SANS 2019 Holiday Hack Writeup
- KringleCon 2: Turtle Doves
- Talks
- Welcome to KringleCon 2: Turtle Doves
- Keynote: A Hunting We Must Go
- Reversing Crypto the Easy Way
- Machine Learning Use Cases for Cyber Security
- Web Apps: A Trailhead
- Optical Decoding of Keys
- Over 90,000: Ups and Downs of my InfoSec Twitter Journey
- How to (Holiday) Hack It: Tips for Crushing CTFs & Pwning Pentests
- Logs? Where we’re going we don’t need logs.
- When Malware Goes Mobile, Quick Detection is Critical
- Santa’s Naughty List: Holiday Themed Social Engineering
- Dashing Through the Logs
- Learning to Escape Containers
- Telling Stories from the North Pole
- 5 Steps to Build and Lead a Team of Holly Jolly Hackers
- Hints
- ed Editor Basics
- Deep Blue CLI on Github
- Deep Blue CLI Posting
- Linux Path
- Sysmon
- Event Query Language
- User’s Shells
- Chatter?
- Machine Learning
- MongoDB
- Reverse Engineering
- Powershell
- RITA
- Iptables
- Chrome Dev Tools
- Firefox Dev Tools
- Safari Dev Tools
- Edge Dev Tools
- Curl Dev Tools
- Lynx Dev Tools
- Frosty Keypad
- Graylog
- Event IDs and Sysmon
- SQLMap Tamper Scripts
- SQL Injection
- Web App Pen Testing
- Key Bitting
- Bitting Templates
- Jq
- Finding Bad in Web Logs
- Cranberry Pis
- Objectives
- 0) Talk to Santa in the Quad
- 1) Find the Turtle Doves
- 2) Unredact Threatening Document
- 3) Windows Log Analysis: Evaluate Attack Outcome
- 4) Windows Log Analysis: Determine Attacker Technique
- 5) Network Log Analysis: Determine Compromised System
- 6) Splunk
- 7) Get Access To The Steam Tunnels
- 8) Bypassing the Frido Sleigh CAPTEHA
- 9) Retrieve Scraps of Paper from Server
- 10) Recover Cleartext Document
- 11) Open the Sleigh Shop Door
- 12) Filter Out Poisoned Sources of Weather Data
- The Story
- Misc
- Appendix
- About CyberSN