November, and future!

So if it’s not apparent, we’re terrible at actually updating the website. November meeting is taking place as scheduled, see you Friday the 2nd!

If you’re reading this and it’s past November, check the meeting link above. 1st Friday of every month!


Posted in Firsties | Leave a comment

May’s meeting days away.

Our next meet is happening on Friday! see for location details.

This meeting I will be doing one of the more interesting demos I did a few years back.
did someone say laser microphones? (note to some of the other members… no 5mw or higher lasers please…)

See you there!

Posted in Firsties | Leave a comment

Welcome to 2018!

dc414’s next meet is tomorrow, 2/02/2018. Will the hacker see his shadow? I hope so, because that means he’s at dc414!

Meetings are always 1st Friday of the month. See Locations for details!


Posted in Firsties, group news, meetings | Leave a comment

October’s meet is days away!

Our next meet is happening on Friday!  see  for location details.

See you there!


Posted in Firsties | Leave a comment

1337 badge from the shoot won!

The 1337 BoomBadge has been won by yours truly!  Thanks to BMPTS for the awesome work on this!  See you next year!



If you are curious what’s on the bottom, and want to know more, check out patents 2,844,902 and 1,288,797.


Posted in Firsties | Leave a comment

January Meeting Recap

Starting the new year off with MOAR RECAPS.  I (Belouve) did not get there at the start, so I will recap what I was told by others.  People can fill in details if they want.

SoftEther VPN


We had a demo on SoftEtherVPN (“SoftEther” means “Software Ethernet”). This is a multi-protocol VPN software, that runs on Windows, Linux, Mac, FreeBSD and Solaris.

Also open source, and free.  You can go from Open VPN to SoftEtherVPN smoothly.  Check out the site for other highlighted features I haven’t listed here.

We’re being hacked by Russia, right? …. Right?

Belouve arrived and set up a talk digging into the details of the recent “Russian” hacking.  Pointing to the US-CERT report and the files they sent, only 2 out of the 911 indicators given by US-CERT point to Russia.  The reports on APT28 and APT29 cite some vague ‘evidence’.

One of the best things is that an APT29 report (see page 9) references the use of MiniDuke malware as being Russia.

So Belouve looked up the MiniDuke specifics, binaries, breakdown, etc.

The word ‘Russia” does not appear anywhere in the report.

But…MiniDuke does open up a backdoor…

to Turkey (See page 22)

Discover Recon Script

Belouve demonstrated his slimmed-down version of Discover Scripts, which he has available at

Credit given: the original discover script is made by Lee Baird, as available here. My version has slimmed his down, and I have updated some other steps.

This script is tuned to do as much passive recon on a target as it can, without touching the target and alerting it to its scan.

Uses ARIN, dnsrecon, goofile, goog-mail, goohost, theHarvester, Metasploit, URLCrazy, Whois, PGP Keys, multiple other websites, and then recon-ng.

The recon-ng modules scrape Bing, Google, Hackertarget, Netcraft, Shodan, Threatcrowd, GitHub, Twitter, LinkedIn, Whois, and for information.  It parses and pivots the information gathered from other modules and earlier steps.

Take a look over the tool, it is constantly being tweaked.

Vlad’s LED Tree of LED Glory

Vlad did a demo on his multicolored individually-addressable LED tree.  Big tree, and I feel a video would go best here.

DEFCON Groups Update

Message from DEFCON groups.  Yay DC414 for actually responding to and doing the challenge!

Next Meeting

Next meeting is Friday, February 3rd.  Same bat time, same bat channel.


Posted in Firsties | Leave a comment

December Meeting Recap

Whoa. A meeting recap.


So what did we all do?

Caleb – Presented on Crafting Digital Radio Signals, to Control Things

He has a blog post about his Digital Radio Signals, and that was a majority of what was presented.  He was able to do a live demo of the capture of a remote outlet, and replay of the capture.

There was also “a peculiar signal hiccup”, wherein the signal to the remote outlet would not be received.  It would be similar to a jamming signal, if jamming radio signals were allowed.  Good thing we abide by all RF rules.

He demonstrated the ability to observe vehicle remote locking, and showed the lock and unlock signal.

njRAT v0.7d – Part Two

A part two would make sense with part one, but ::shrug::

Showed off the njRAT v0.7d that came along for the ride on a torrent. njRAT is a remote-access Trojan that has been used for the last few years. A 2013 report from General Dynamics / Fidelis Cybersecurity Solutions goes over detailed indicators, domains, and TTP’s in conjunction with attacks using njRAT.  It is also apparently up to version 0.9.  The malware is making a comeback, and maybe due to some evasion techniques shown. (or people just continue to be dumb in downloading from torrents.  That could be it too)

If njRAT is run, Hey, Look! It’s detected as a virus!

Instead, do some tech magic (someone can add detail) using Base64 in Microsoft Visual Studio.  Runs now, the EXE is loaded, and it doesn’t trigger alerts or errors.


And hey, we have a remote desktop!

If we turn on the remote webcam function…

…hey!  This is why you should tape over your webcams! And we had keyloggers, microphone access, and chats available too!

So, just don’t trust things that are pirated from the Interwebz.

Do you want this for yourself?  Do a search for njRAT or njRAT v0.7d, and you can have it yourself.  (or, it seems 0.9 is around) You will have to compile/tinker/tech magic it yourself, though.

Picking on Level 3

Well, not directly.  We were shown a few links to see Internet health

Dynatrace , Dynatrace Keynote, and DownDetector

We just couldn’t help noticing how bad Level3 looked at the time.

Hacking the HooToo HT-TM05

So this is a $40 Travel Router, and we can HACK THE SHIT OUT OF IT


Has WiFi built in, (added?) a 128GBD SSD, and it has a full Linux kernel on it now, OpenWRT, and Powered by LuCi.  Portable power that also lasts a good portion of the day.

Can do a File Server, put movies onto it, or put a web forum on it.  We plan to set one or more of these up and carry them around DEFCON 25.

Relevant GitHub that may be useful

Some were also interested in the PirateBox , that can be built on different hardware for about $35.

Something something CYPHERCON

Yeah.  See @cyphercon or if you have no clue here.

If you have a better recollection of things from our meeting, good for you! Also, we could probably use that info in this update.  Comment or edit, or e-mail some DC414 folk about your contributions.



Posted in hacking, hardware, meetings, radio, recaps | Leave a comment

Monthly Public Meetup – Dec 02 2016

Join us at

7625 S Howell Ave
Oak Creek, WI 53154

at 7PM

Look for “The Bailey Building” sign. See meetings/ for more information.

Posted in Firsties | Leave a comment

Friday, October 7th Meeting

Meeting location has changed to:

7625 S Howell Ave
Oak Creek, WI 53154

Here’s a photo of the building exterior

7625 S Howell Ave, Oak Creek, WI 53154

7625 S Howell Ave, Oak Creek, WI 53154

You can subscribe (ICS) to our Google calendar to be kept up to date with all DC414 events

Thanks to DW5304 for the venue

Hackers assemble!

Posted in group news, hacking, meetings, site news, upcoming | Leave a comment

BarCamp Milwaukee 11

BarCampMilwaukee 11
Milwaukee, WI
For the eleventh consecutive year, BarCampMilwaukee is returning the first weekend in October. CESI will host the event. Doors open at 9:00 AM, Saturday October 1st.
A BarCamp is a wholly unique event that provides a free, open-environment forum where the participants are in charge of what happens. It is an interactive conversation where professionals and curious alike come to learn, teach, and imagine. This revolutionary “unconference” allows participants to float from one session to another, and encourages the development of interesting ideas and spontaneous discussion. Since the first BarCamp in the US eleven years ago, hundreds of BarCamps have been organized throughout the world.
Throughout BarCampMilwaukee’s eleventh year run, participants have been involved in a wide array of session topics ranging from:
Software Development: Ruby on Rails, Drupal, and JavaScript.
Technologies: 3d printing/scanning, video editing, robots, and solutions for non-profits.
Solutions for small businesses and non-profits.
All the way to things like Zombie Defense Preparation, lockpicking, sushi making, and many other topics for makers, DIYers, artists and other creatives.

Barcamp is a program of The School Factory, a 501(c)(3) nonprofit organization that builds value-creating communities and spaces to transform education, economy, and talent.
When: Doors open Saturday, October 1st at 9:00 AM and close at 9:00 PM October 2nd

BarCampMilwaukee will offer over night sleeping so please break your sleeping bags.

register: here

Posted in Firsties | Leave a comment