BSides London 2021 BSides London 2021

Workshop Track 4

Friday, November 12, 2021

- GMT
Car Hacking Village – CAN bus basics with hands on fuzzing

The ‘Car Hacking Village’ has PD0 a ‘CAR in a box’ which is most of the ECU components from a Peugeot 208. This is configured so that all the main dials on the vehicle work, Speedo, rev counter, fuel gauge and temp gauge. This will allow attendees if they get through the fuzzing part access to a complete vehicle to hack. The workshop will consist of a short presentation on the history of CAN bus, the physical layer, the speeds, data format, message id’s. The attendees will then have access to sets of instrument cluster (hopefully 12-14 sets) to fuzz to try to work out which messages cause which parts of the cluster to work. Each cluster set will include a can bus adapter that can be used for the fuzzing.

ATTENDEES: Please bring a laptop with USB serial drivers and any terminal software (Arduino IDE, putty etc).

- GMT
Kubernetes CTF

Delve deeper into the dark and mysterious world of Kubernetes security! Exploit a supply chain attack and start your journey deep inside the target infrastructure, exploit your position to hunt and collect the flags, and hopefully learn something new and wryly amusing along the way!

Attendees can play six increasingly beguiling and demanding scenarios to bushwhack their way through the dense jungle of Kubernetes security. Everybody is welcome, from beginner to hardened veteran, as we venture amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of cluster compromise!

ATTENDEES: Please bring a laptop with an SSH client.