show and tell for hackers in DC.

Round 34: Parable of the Polygons

12 Jun 2016

Tonight’s Hack && Tell is dedicated to Seth Rich.

Dan Fujita - @danfujita

Metasploit and Shellter Exploit

Attack environment: Ubuntu 16.04 vs Windows 7

Metasploit is penetration testing software that lets you use your own shellcode or use a shellcode database

Using the MS12-020 Remote Desktop Vulnerability, he can Turns off the victim’s computer!

Shellter adds shellcode to an exe file. Added code to PuTTY as an example. It’s good at avoiding detection by anti-virus software!

frantic dramatic hacking scene

https://twitter.com/DCHackAndTell/status/752997037294161920

https://twitter.com/jessicagarson/status/752997408745881600

Chris Nguyen @uncompiled

Steganographic Polyglots!

https://github.com/uncompiled/steganographic-polyglots

Steganography: hiding messages in plain sight!

Whitespace is a programming language that only uses whitespace and nothing else (that was released on April Fools Day, for fun and silliness)

What if we could hide a Whitespace program inside of the whitespace of a program written in another language?

Chris created a program called “steganosaurus” that combines the Whitespace code that does the hidden thing along with the original code file.

crazy polyglot program: https://github.com/mauke/poly.poly 18 languages?

https://twitter.com/DCHackAndTell/status/752998737908228096

Pragyansmita Nayak @SorishaPragyan

Unstructured text indexing of a webpage and its child pages using HPE Haven OnDemand. A Juvenile Justice App developed as part of the AngelHack DC Hackathon Wanted to be able to search the legal codes

So if you’re thinking of committing a robbery in Virginia, it’ll tell you the legal code that makes it against the law.

Search any crime you’re thinking of committing – but think twice!

Made a Python client that performs search queries against the Haven OnDemand APIs.

https://twitter.com/DCHackAndTell/status/753001378776227841

Alex Herder - @alexherder

We made this cool community animation happen at the DC Funk Parade and learned some good lessons about shared authorship.

http://www.dukeduck.com/funk-parade-2016/

Community Art project at the Funk Parade! Created four looping animations and printed out the frames

300 frames, had attendees of the Funk Parade color in the frames however they like, and then scanned them in to create a video

Not super high tech! Printed out the frames and scanned them in.

Kunal Johar

HandWriting Tutor

https://handwritingimprover.azurewebsites.net

Created this Angelhack in Sophia, Bulgaria Improve your handwriting using this app and a Wacom tablet!

Code is at:

https://github.com/bootleg224/HandWritingTutor

Score comes from an API called MyScript – how confident is it that the stroke you made matched the x, y coordinates?

https://twitter.com/DCHackAndTell/status/753006300783583232

60 or 70 supported languages!

https://twitter.com/jessicagarson/status/753005745097015296

Eric and Jess @jessicagarson

Light up shoes! Please invite us to your dance parties!!

It’s really fun hacking with other people, so meet up with other people and join forces to hack!

Jess and Eric went to the Arlington Library’s Open Make night Uses the Arduino Uno, but they want to convert it to a smaller Arduino optimized for wearables. The Arlington Library 3D-printed battery cases for us!

There’s lots of different things you can do with the code – like making it light up a certain way when you hit 10,000 steps!

Right now you can detect pressure, vibration, and acceleration.

This is a hack in progress – so share your ideas for what it could do! DDR aid for your shoes! Is sound in the works?

https://twitter.com/DCHackAndTell/status/753007045792661504

Coming soon: Hack and Tell DANCE PARTY??????

Cynthia - @squizzi

Talking about her Raspberry Pi SenseHat experience. Modified existing Python code to create Pixel Pets and interface with Minecraft on Pi - both activities visualized on SenseHat.

SenseHat is an 8x8 grid that connects to the GPIO pins that sits right on top of your Pi.

Uses the Raspberry Pi 2B and Python Scripts

Reaction Game – uses an accelerometer – you move the actual Raspberry Pi, and it will print out the angle relative to where you started. On the Sense Hat, it points an arrow to tell you how to tilt the Pi to continue playing and go for the High Score!

Ghost - an Animated Pixel Pet

Minecraft: programmed the Sensehat to change colors based on the type of land that your character is standing on: green for grass, blue for water, etc.

https://twitter.com/DCHackAndTell/status/753010822675333120

https://twitter.com/DCHackAndTell/status/753010955827683331

Jacob Ajit @jacobajit

With Amazon Alexa as a Facebook contact, you can quietly message Alexa and ask her to turn off the oven you left on while you’re in the middle of a meeting. AlexaBot makes use of Amazon’s Alexa Voice Service API using sammachin’s alexaweb core code. However, the API only takes in and returns audio. I found a hacky workaround by going text->speech->AVS->audio->text using VoiceRSS and wit.ai. To make things even more convenient, AlexaBot is integrated with Facebook’s new Messenger Platform as a chatbot relaying messages to this server. Also set up a REST API for other products to take advantage of the Alexa text API Amazon never offered.

https://m.me/amazonalexabot/

In case you aren’t familiar with Alexa: https://en.wikipedia.org/wiki/Amazon_Echo

What a workflow though! Messenger -> Heroku -> Speech Synthesis -> Alexa Voice Service -> Speech Recognition -> Messenger

It works with any Alexa Skill – so anything that’s enabled on your Amazon account.

The hardest part is getting all of the APIs to play nicely and making the workflow actually work!

Jane Claire @StreetSignsLife

Presenting on the conceptual iOS app GreenMyScreen

http://janeclaire.drupalgardens.com/content/see-it-codeswitch-may-13-july-28-women-made-gallery-chicago-il

Working with visual language and text – the way we understand an environment through its visual cues is changing and shifting at an accelerated rate

There’s this idea in advertising of looking at a screen on a screen. From a design standpoint, how is this done?

Chroma keying – it’s technology that enables “greenscreening” so you can put whatever you want in that green field.

She built an iOS app called Green My Screen that will Chromakey your screen so that you could use it in photos however you like.

Who controls what you can see on your screen?

https://twitter.com/DCHackAndTell/status/753015401156665345

https://twitter.com/DCHackAndTell/status/753015711786762246