Poppa’s Got a Brand New Bag

We finally migrated to a new (hosted) blog system!

Hopefully this will alleviate administrative ass-pain, and make posting more easy/fun/frequent. Anyway, Beans was recently at a buncha conferences. We went to EuSecWest Netherlands and SyScan Singapore. These two conferences were only one day apart and on opposite sides of the planet! The only way travel worked was by using the time differences! Directly after our talk at EuSecWest we hopped a cab to Schipol airport to catch a flight to Singapore. After 15 hours of flying and a

2 hour layover in Kuala Lumpur, we arrived in Singapore the night before our talk ;-). After Singapore, the trip home was a painful 28 hour flight home(in that “bitch” seat in the middle of 5 economy 777 seats). I played my hacked Nintendo DS with my shoulders damn near touching. Fortunately a 4 hour layover in Narita with Travis Goodspeed and a 3 hour layover in Chicago broke it up a little bit.

Here are some photos from the whole trip.

Oh, and here are the slides from our research on Sandbox technologies. It’s been fun and we learned a lot. Also for your consideration, this is tool chain called “SandKit“. It automates lots of the little annoying things you might need while messing around with Sandbox software such as:

• DLL Injection
• Token/Handle Sniping
• Investigating Tokens
• Injecting interpreters into remote processes
• Copying memory between processes
• Writing stuff directly to process memory.
• Dumping and viewing process memory

Get it all here! Let us know what you think, or let us know of features you think would be cool to add.

We will also be giving this talk at ReCon 2010 and SyScan Vietnam later this year. At both these conferences, we will hopefully be doing new live demo showing how to use kernel debugging to observe client-side Chrome exceptions! (If we can’t do live demo we will have recorded video 😉