show and tell for hackers in DC.

Round 34: Parable of the Polygons

12 Jun 2016

Tonight’s Hack && Tell is dedicated to Seth Rich.

Dan Fujita - @danfujita

Metasploit and Shellter Exploit

Attack environment: Ubuntu 16.04 vs Windows 7

Metasploit is penetration testing software that lets you use your own shellcode or use a shellcode database

Using the MS12-020 Remote Desktop Vulnerability, he can Turns off the victim’s computer!

Shellter adds shellcode to an exe file. Added code to PuTTY as an example. It’s good at avoiding detection by anti-virus software!

frantic dramatic hacking scene

Chris Nguyen @uncompiled

Steganographic Polyglots!

Steganography: hiding messages in plain sight!

Whitespace is a programming language that only uses whitespace and nothing else (that was released on April Fools Day, for fun and silliness)

What if we could hide a Whitespace program inside of the whitespace of a program written in another language?

Chris created a program called “steganosaurus” that combines the Whitespace code that does the hidden thing along with the original code file.

crazy polyglot program: 18 languages?

Pragyansmita Nayak @SorishaPragyan

Unstructured text indexing of a webpage and its child pages using HPE Haven OnDemand. A Juvenile Justice App developed as part of the AngelHack DC Hackathon Wanted to be able to search the legal codes

So if you’re thinking of committing a robbery in Virginia, it’ll tell you the legal code that makes it against the law.

Search any crime you’re thinking of committing – but think twice!

Made a Python client that performs search queries against the Haven OnDemand APIs.

Alex Herder - @alexherder

We made this cool community animation happen at the DC Funk Parade and learned some good lessons about shared authorship.

Community Art project at the Funk Parade! Created four looping animations and printed out the frames

300 frames, had attendees of the Funk Parade color in the frames however they like, and then scanned them in to create a video

Not super high tech! Printed out the frames and scanned them in.

Kunal Johar

HandWriting Tutor

Created this Angelhack in Sophia, Bulgaria Improve your handwriting using this app and a Wacom tablet!

Code is at:

Score comes from an API called MyScript – how confident is it that the stroke you made matched the x, y coordinates?

60 or 70 supported languages!

Eric and Jess @jessicagarson

Light up shoes! Please invite us to your dance parties!!

It’s really fun hacking with other people, so meet up with other people and join forces to hack!

Jess and Eric went to the Arlington Library’s Open Make night Uses the Arduino Uno, but they want to convert it to a smaller Arduino optimized for wearables. The Arlington Library 3D-printed battery cases for us!

There’s lots of different things you can do with the code – like making it light up a certain way when you hit 10,000 steps!

Right now you can detect pressure, vibration, and acceleration.

This is a hack in progress – so share your ideas for what it could do! DDR aid for your shoes! Is sound in the works?

Coming soon: Hack and Tell DANCE PARTY??????

Cynthia - @squizzi

Talking about her Raspberry Pi SenseHat experience. Modified existing Python code to create Pixel Pets and interface with Minecraft on Pi - both activities visualized on SenseHat.

SenseHat is an 8x8 grid that connects to the GPIO pins that sits right on top of your Pi.

Uses the Raspberry Pi 2B and Python Scripts

Reaction Game – uses an accelerometer – you move the actual Raspberry Pi, and it will print out the angle relative to where you started. On the Sense Hat, it points an arrow to tell you how to tilt the Pi to continue playing and go for the High Score!

Ghost - an Animated Pixel Pet

Minecraft: programmed the Sensehat to change colors based on the type of land that your character is standing on: green for grass, blue for water, etc.

Jacob Ajit @jacobajit

With Amazon Alexa as a Facebook contact, you can quietly message Alexa and ask her to turn off the oven you left on while you’re in the middle of a meeting. AlexaBot makes use of Amazon’s Alexa Voice Service API using sammachin’s alexaweb core code. However, the API only takes in and returns audio. I found a hacky workaround by going text->speech->AVS->audio->text using VoiceRSS and To make things even more convenient, AlexaBot is integrated with Facebook’s new Messenger Platform as a chatbot relaying messages to this server. Also set up a REST API for other products to take advantage of the Alexa text API Amazon never offered.

In case you aren’t familiar with Alexa:

What a workflow though! Messenger -> Heroku -> Speech Synthesis -> Alexa Voice Service -> Speech Recognition -> Messenger

It works with any Alexa Skill – so anything that’s enabled on your Amazon account.

The hardest part is getting all of the APIs to play nicely and making the workflow actually work!

Jane Claire @StreetSignsLife

Presenting on the conceptual iOS app GreenMyScreen

Working with visual language and text – the way we understand an environment through its visual cues is changing and shifting at an accelerated rate

There’s this idea in advertising of looking at a screen on a screen. From a design standpoint, how is this done?

Chroma keying – it’s technology that enables “greenscreening” so you can put whatever you want in that green field.

She built an iOS app called Green My Screen that will Chromakey your screen so that you could use it in photos however you like.

Who controls what you can see on your screen?