Tag Archives: TechEd

First weekend at TechEd North America 2014

After receiving my badge for TechEd yesterday at the George Brown Convention Center, I went back today to meet up with Ed and Teresa to have a look at the Tech Expo and set up the Scripting Guys booth. Have a look at the Scripting Guys Booth Setup at TechEd blog post by the Scripting Guy for some pictures of the crew and the booth. The Tech Expo is massive and I am looking forward to seeing the end result tomorrow morning.

The friendly bunch at http://www.iamkrewe.org have put together an excellent networking event this Sunday evening, which was a good kick-off to what seems to be a great conference. I am looking forward to hearing all about the new announcements at this TechEd. For anyone with any PowerShell or scripting question, feel free to drop by the Scripting Guy booth at the Tech Expo and I will be happy to try and answer your question!


My day at TechEd Pre-conference

Yesterday I attended the TechEd Europe 2013 Pre-conference. I had signed up for the ‘Lessons from the Field: Useful Hacker Techniques for Administrators’ session by Hasain Alshakarti, Paula Januszkiewicz and Marcus Murray. They were quite knowledgeable on the subject matter and presented their information in an interesting way.

To give a short overview of the topics that were covered:

  • Using a vulnerable .aspx page on an IIS server in combination with several methods of escalation of privilege to compromise an Active Directory domain
  • Managed Service Accounts as a method to harden application servers
  • Abusing Direct Memory Access used by FireWire/Thunderbolt to compromise a fully patched Windows 8 machine using the Inception tool
  • Using offline registry to compromise a machine
  • Using Airodump to sniff and hack networks
  • www.cloudcracker.com is a website that cracks WPA2 passwords in twenty minutes
  • Using mimikatz to grab username and password from memory
  • Using findstr.exe to grab plain text passwords / hashed passwords from virtual machine memory snapshots
  • Core Impact Professional, a hacking / administrative tool that can be useful in both scenarios: either as an emergency response tool or as a malicious tool to take control of computers
  • Rubber Ducky: a USB key that acts as a keyboard, which can be used to bypass UAC and other security features to quickly install malware on a system
  • Volatility, a memory analysis tool which can be used to gather a variety of information from a dump file, including passwords and credential hashes

Downloads for this session are available at:

http://sdrv.ms/11ka1Ju
http://cqure.pl
http://truesec.com

 


Convert TechEd Europe 2013 schedule to PowerShell objects

After I filled out my session slots for TechEd Europe 2013, I thought I would have some fun with the schedule. At first I thought I would rip the details from the website, until I noticed the ‘Subscribe to your entire schedule’ button on the website.

Since Outlook calendar items are neatly structured I decided that was the easiest method of converting my schedule to PowerShell. I am using the Outlook.Application ComObject to collect the information from my Outlook calendar.

Here is the code I utilized for this purpose:

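# Load the Outlook interop assembly and attach to Outlook through COM
Add-Type -AssemblyName "Microsoft.Office.Interop.Outlook" | Out-Null
$Outlook = New-Object -ComObject Outlook.Application
$Namespace = $Outlook.GetNameSpace("MAPI")
# Subscribed calendars live under the 'Internet Calendars' root folder
$InternetCalendars = $Namespace.Folders |
   Where-Object {$_.FullFolderPath -eq '\\Internet Calendars'}
# Pick the subscribed TechEd Europe 2013 schedule
$TechNetFolder = $InternetCalendars.Folders |
   Where-Object {$_.FullFolderPath -match 'Teched Europe 2013'}
# Emit one object per session, ordered by start time
$TechNetFolder.Items | Sort-Object -Property Start |
   Select-Object -Property Subject,Start,End,Duration,Location,Body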

Now this provides me with a neatly organized collection of objects that contain the Title, Start Time, End Time, Duration and a description of the session. To find out which other properties are available on the Calendar items, the Get-Member cmdlet can be used. For example:

$TechNetFolder.Items | Get-Member

This lists all the properties and methods that are available on these objects. This provides us with a way to organize our schedule for TechEd however we see fit. Let me know what you think or if you have a nice way of utilizing this.
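One way to put these objects to use is to list sessions that overlap in time. This is an added example, not code from the original post: the function name Get-SessionConflict is hypothetical, and the sample objects are constructed from four entries of the schedule below (year 2013 assumed) so that it runs without Outlook.

```powershell
# Constructed sample data, shaped like the Select-Object output above
# (Subject, Start, End). Replace with the real calendar objects when
# Outlook is available.
$Sessions = @(
    [pscustomobject]@{
        Subject = 'Desired State Configuration with Windows Server 2012 R2'
        Start   = [datetime]'2013-06-26T10:15'
        'End'   = [datetime]'2013-06-26T11:30'
    }
    [pscustomobject]@{
        Subject = 'The Inside Man: Surviving the Ultimate Cyber Threat'
        Start   = [datetime]'2013-06-26T10:15'
        'End'   = [datetime]'2013-06-26T11:30'
    }
    [pscustomobject]@{
        Subject = 'Infrastructure Services on Windows Azure: Virtual Machines and Virtual Networks with Mark Russinovich'
        Start   = [datetime]'2013-06-26T10:15'
        'End'   = [datetime]'2013-06-26T11:30'
    }
    [pscustomobject]@{
        Subject = 'Overview of Windows Server 2012 Hyper-V'
        Start   = [datetime]'2013-06-26T12:00'
        'End'   = [datetime]'2013-06-26T13:15'
    }
)

function Get-SessionConflict {
    # Hypothetical helper: emits one object per pair of overlapping sessions.
    param([Parameter(Mandatory)][object[]]$Session)

    $sorted = @($Session | Sort-Object -Property Start)
    for ($i = 0; $i -lt $sorted.Count; $i++) {
        for ($j = $i + 1; $j -lt $sorted.Count; $j++) {
            # The list is sorted by Start, so once a later session starts at
            # or after the end of session $i, no further session can overlap it.
            if ($sorted[$j].Start -ge $sorted[$i].End) { break }
            [pscustomobject]@{
                Start  = $sorted[$j].Start
                First  = $sorted[$i].Subject
                Second = $sorted[$j].Subject
            }
        }
    }
}

Get-SessionConflict -Session $Sessions | Format-List
```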


My TechEd Europe 2013 schedule

I have put together my schedule for TechEd 2013 and will share it in this blog post. What are your thoughts? Did I miss any good sessions here or do you have any recommendations?

| Subject | Start | End | Duration (min) |
|---|---|---|---|
| Lessons from the Field: Useful Hacker Techniques for Administrators | 24-06 09:00 | 24-06 17:00 | 480 |
| The Cloud OS: It's Time! | 25-06 09:00 | 25-06 10:30 | 90 |
| Transform the Datacenter with Server and Management Innovations from Microsoft | 25-06 11:00 | 25-06 12:00 | 60 |
| Big Data. Small Data. All Data. | 25-06 11:00 | 25-06 12:00 | 60 |
| Advanced Automation Using Windows PowerShell | 25-06 13:30 | 25-06 14:45 | 75 |
| Desired State Configuration in Windows Server 2012 R2 PowerShell | 25-06 15:15 | 25-06 16:30 | 75 |
| Windows PowerShell Unplugged | 25-06 17:00 | 25-06 18:15 | 75 |
| APTs: Cybercrime, Cyber Attacks, Warfare and Threats Exposed | 26-06 08:30 | 26-06 09:45 | 75 |
| Desired State Configuration with Windows Server 2012 R2 | 26-06 10:15 | 26-06 11:30 | 75 |
| Infrastructure Services on Windows Azure: Virtual Machines and Virtual Networks with Mark Russinovich | 26-06 10:15 | 26-06 11:30 | 75 |
| The Inside Man: Surviving the Ultimate Cyber Threat | 26-06 10:15 | 26-06 11:30 | 75 |
| Overview of Windows Server 2012 Hyper-V | 26-06 12:00 | 26-06 13:15 | 75 |
| Practical Implementation of Windows Server 2012 Storage Technologies | 26-06 14:00 | 26-06 14:45 | 45 |
| Windows Azure Internals | 26-06 15:15 | 26-06 16:30 | 75 |
| Tuning Images for VDI Usage | 26-06 15:15 | 26-06 16:30 | 75 |
| Storage and Availability Improvements in Windows Server 2012 R2 | 26-06 17:00 | 26-06 18:15 | 75 |
| Designing a Virtual Desktop Infrastructure Architecture for Scale and Performance on Window Server 2012 | 26-06 17:00 | 26-06 18:15 | 75 |
| Windows is the Future | 27-06 08:30 | 27-06 09:45 | 75 |
| Microsoft Integration Vision and Roadmap | 27-06 10:15 | 27-06 11:30 | 75 |
| Pass the Hash and Other Credential Theft and Reuse: Preventing Lateral Movement and Privilege Escalation | 27-06 10:15 | 27-06 11:30 | 75 |
| Running Your Active Directory in Windows Azure Virtual Machines | 27-06 10:15 | 27-06 11:30 | 75 |
| Managing Multi-Hypervisor Environments with Microsoft System Center 2012 | 27-06 10:15 | 27-06 11:30 | 75 |
| Hackers (Not) Halted (repeats on 6/27 at 5 pm) | 27-06 12:00 | 27-06 13:15 | 75 |
| Building Hosted Clouds Using Windows Server 2012 R2 | 27-06 12:00 | 27-06 13:15 | 75 |
| Configuring and Tuning Windows 8 | 27-06 12:00 | 27-06 13:15 | 75 |
| Deploying Windows 8 and Touch in the Enterprise | 27-06 14:00 | 27-06 14:45 | 45 |
| Automating Microsoft System Center Deployment with the PowerShell Deployment Toolkit | 27-06 15:15 | 27-06 16:30 | 75 |
| Pieces of 8: Prospecting for Windows 8 Gold | 27-06 15:15 | 27-06 16:30 | 75 |
| Integrating with Microsoft System Center 2012 and Windows PowerShell | 27-06 17:00 | 27-06 18:15 | 75 |
| Sysinternals Primer: TechEd 2013 Edition | 27-06 17:00 | 27-06 18:15 | 75 |
| What's New in Windows 8.1 Security: Overview (repeated from 6/26 at 8:30 am) | 27-06 17:00 | 27-06 18:15 | 75 |
| Hackers (Not) Halted (repeated from 6/27 at 12:00) | 27-06 17:00 | 27-06 18:15 | 75 |
| Using Windows PowerShell Magic to Manage Microsoft Office 365 | 28-06 08:30 | 28-06 09:45 | 75 |
| Adventures in Underland: What Passwords Do When No One Is Watching | 28-06 08:30 | 28-06 09:45 | 75 |
| Deep Dive on Hyper-V Network Virtualization in Windows Server 2012 R2 | 28-06 08:30 | 28-06 09:45 | 75 |
| License to Kill: Malware Hunting with the Sysinternals Tools | 28-06 10:15 | 28-06 11:30 | 75 |
| Better Networking, More Net Gains: How Windows Server 2012 Can Be Your Director of Protocol(s) | 28-06 12:00 | 28-06 13:15 | 75 |
| Windows 8: Essential Security Features Every Admin Should Know About | 28-06 12:00 | 28-06 13:15 | 75 |
| Case of the Unexplained 2013: Windows Troubleshooting with Mark Russinovich | 28-06 12:00 | 28-06 13:15 | 75 |
| Windows Server 2012 Deployment and Ongoing Management: Why Server Core Is Right for You | 28-06 14:45 | 28-06 16:00 | 75 |
| Upgrading the Platform – How to Get There! Part 2: Networking Infrastructure and Management | 28-06 14:45 | 28-06 16:00 | 75 |
| What's New in Windows 8.1 Security: Modern Access Control Deep Dive | 28-06 16:30 | 28-06 17:45 | 75 |
| Live Demonstration: Hacker Tools You Should Know and Worry About | 28-06 16:30 | 28-06 17:45 | 75 |