2018 Wild West Hackin’ Fest – A Look Back

TL;DR: WWHF is awesome and you should go.

 

I had the pleasure of attending the 2018 Wild West Hackin’ Fest this year, put on by John Strand and his team at Black Hills Information Security. This ended up being a 2.5 day conference and well worth the journey out to Deadwood South Dakota. The conference was full of hands-on labs, great talks, great conversation, awesome workshops, and a great steak dinner during closing ceremonies. The speaker lineup was fantastic, and the campfire talks added a nice break from the longer 45-50 minute full sessions.

 

The con was held at the Deadwood Mountain Grand in downtown Deadwood. It was generally easy to get to…about an hour away from the hotel. The rooms/hotel were clean, the staff was friendly, and it’s in a good location if you want to venture out and explore some of the local area. Mount Rushmore is just over an hour away, but keep in mind that mostly everything in that area is closed for the season. Restaurants are kind of hit or miss, but the conference website provides a good list to start with. The Mickleson trail starts right in town if that’s your thing, and there’s a lot of beautiful scenery just driving around the area.

 

Ed Skoudis kicked off the first full day (Thursday) with “10 Reasons it’s Great to be a Pentester, and How to Change That!” Ed is clearly passionate about his job, but is quick to point out that our job as pentesters/red teams is to “make blue better.” Yes, it’s fun that we get to hack all the things, but ultimately, we want the help the blue teamers out there improve their detection and response capabilities, and if we’re not doing that as offense, we’re failing at our job.

 

One of those most important (IMHO) talks given was by BB King from BHIS on how to produce better reports for your clients. “Hack for show, Report for Dough” was the title, and he went into depth on what makes a good penetration testing report, and how to get better at writing them. “The report is what the client will be working from for 1-2 years” is a key point he drove home, and if your report can’t help the organization improve, then you’re doing them a disservice. He provided a good amount of examples to compare and contrast what makes a good report vs. a bad report, and gave lots of useful tips and tricks throughout. Not the sexiest topic in infosec to talk about, but one that is incredibly important, and will help you stand out among others.

 

My personal favorite talk was given by Beau Bullock and Mike Felch both from BHIS and was on exploiting some of Microsoft’s “features.” They showed how NLA on RDP can be abused for password spraying (without any detection!), ways of exploiting some O365 features that allow attackers to add plug-ins to user mailboxes, and a few other tricks that are definitely worthy of further investigation for future use. Deviant Ollam’s talk on reproducing keys from photographs was pretty awesome as well, and if you weren’t paranoid before…you might be after this one.

 

The full list of talks can be found here: https://wwhf18.sched.com. I’m eagerly awaiting the recordings as well, and hope to go back and catch the ones I didn’t get to see. This was the first bigger conference I’ve attended, and can’t wait to go back in 2019. Everyone was very approachable, and people are completely willing to chat with you. Like I said, this was 100% well worth the cost of travel and tickets…you should absolutely check it out.