First Talk

Taking Over The World with Scratch

Speaker

Kev Sheldrake (@kevsheldrake)

Synopsis

Scratch is a popular language/IDE for teaching children to code. It is possible to extend the offline version of Scratch 2 with a Python module that communicates with Scratch via a web service.

I have extended Scratch to control Midi instruments and Arduino projects, including controlling Lego Power Functions motors, having reverse engineered the infrared protocol they use.

In addition, and perhaps most scarily, I have implemented a TCP/IP sockets extension with which I have exploited vulnerabilities in network services and gained remote code execution. It is literally possible to create 0day exploits with Scratch!

I will discuss the framework and the format of the extensions, and I will demonstrate my projects, including hacking a target virtual machine, controlling Lego motors and making noises with a Midi instrument.

Note: this talk was previously given at Electromagnetic Field 2018.

Bio

Kev Sheldrake is a hacker with a background in software dev, systems admin, infosec policy, reverse engineering, crypto, etc. His talks range from trashing NLP in social engineering to writing debuggers with ptrace(). He is currently a researcher in infosec focusing on crypto.

Second Talk

Understanding and Assessing LoRaWAN networks

Speaker

Stephen Begley

Synopsis

LoRaWAN is a Low-Power Wide Area Network (LPWAN) technology which is gaining a lot of momentum in the IoT space. It enables the transmission of small amounts of data over a range of tens of kilometres with built-in end-to-end encryption, and a typical device can run for up to a decade on a single AA battery. LoRaWAN is being implemented in embedded devices for monitoring of remote sites, as well as in large “Smart Building” environmental and occupational monitoring systems.

In this talk, I will outline the LoRaWAN protocol and its underlying technologies, highlighting weaknesses and common implementation pitfalls in the current version of the protocol, and areas to investigate when conducting assessments of LoRaWAN-enabled devices. I will demo a tool I have been developing for analysing LoRaWAN packets and identifying security vulnerabilities.

Other announcements or short talks?

If you have something relevant or interesting to the audience (not a product pitch) for ~10 minutes please contact the DC4420 crew (Adam, Mark or Tony) on the night.