nilsweissNov 24, 2023

Exploitation of secure automotive bootloaders with electro magnetic fault injection **live on stage** (on unaltered ECUs)

Check out our #Troopers23 talk: https://youtu.be/kKbJhe2MLZY?si=qofDk5wELk6wSVAc

TROOPERS23: Fault Injection Attacks on Secure Automotive Bootloaders

YouTube
Sonar ResearchOct 5, 2023

Auth Bypass, SSRF, LF Injection, SNMP to XSS, Code & Command Injection, and much more. The recording of our @WEareTROOPERS talk "Monitoring Solutions: Attacking IT Infrastructure at its Core" is now live:

https://www.youtube.com/watch?v=hGne0DbR6bY

#TROOPERS23

TROOPERS23: Monitoring Solutions: Attacking IT Infrastructure at its Core

YouTube
TROOPERS ConferenceSep 1, 2023
In case you fine people missed it: the recordings of #TROOPERS23 #it-security #conference can be found here: https://youtube.com/@TROOPERScon?si=nxR7sS5EzsVJUafP Enjoy! 🥳
TROOPERS IT Security Conference

Welcome TROOPER, on our channel you will find talks and impressions around the ITsecurity conference TROOPERS in Heidelberg, hosted by ERNW.  Enjoy the talks of the last years and exchange with the community, because WEareTROOPERS. 

YouTube
MänuAug 27, 2023
Nice #TROOPERS23 talk about proxying SSPI authentication: Spooky authentication at a distance by Tamas Jos (skelsec): https://www.youtube.com/watch?v=cgBo8TuqMS0
TROOPERS23: Spooky authentication at a distance

YouTube
Sonar ResearchJul 6, 2023

Attended #TROOPERS23? Missed it? Checkout our takeaways from this year’s TROOPERS conference:

https://sonarsource.com/blog/troopers-2023-conference-takeaways?utm_source=twitter&utm_medium=social&utm_content=security

#security #vulnerability #appsec

TROOPERS 2023 Conference Takeaways

Read about our key takeaways from the TROOPERS 2023 including our favorite talks and overall experience during the two days conference.

ttdennisJul 3, 2023
We gave our IoT Hacking 101 workshop for the first time at this year's #TROOPERS23. We gave the participants a real IoT device that they could play around with, which I think helped a lot with the learning experience. It was fun to watch them find out things and discover root shell prompts :)
cryptaxJun 30, 2023
My return trip from #TROOPERS23 is ... complicated :(
1/ My first train was late, so I missed the connecting train. But that's the easy part.
2/ I tried to switch to an earlier flight at the airport. The lady messed it up: she kept me on the original flight + put my luggage under the name of an other (unknown) passenger. Since then, I've been trying to fix the mess, looks like it should be okay... except I'll arrive late and will probably miss a prize ceremony for my kid I wanted to attend :(((
cryptaxJun 30, 2023

Write-up on #TROOPERS23 badge challenges: https://cryptax.github.io/troopers-badge/

Thanks again to badge creators, I had lots of fun with it @WEareTROOPERS

Spoiler alert: the web page shows a solution to the challenges, don't read if you're still working on them.

NB. Both challenges are doable with the badge but without access to con.troopers.de local website.

Troopers 23 Badge Challenges

Troopers conference is known for its fabulous hardware badges. This year, we were given an ESP32-base badge. In an workshop, we could solder a Shitty-Addon with colored LEDs and a connector for a remote control. In addition, the badge was featuring 2 challenges. Similar to CTF-challenges, when solved, the challenges would give you a token, you’d submit the token on a local troopers website, and get raffle tickets after a given number of points.

My cool site
grambulfJun 29, 2023

#Troopers23 again has been excellent!

The @WEareTROOPERS crew ensured a welcoming atmosphere and the attending folks were awesome.

Claudius LinkJun 29, 2023
Damn I missed @thegrugq talk at #Troopers23 ☹️