 So who we are my name is Charlie and I work for the FBI, but I'm just a contractor. I'm not a fed and I run an open-source project called pack protector and I'm an anonymous speaker. I don't know. I don't even know who he is So we happen to find this in the valet area this morning and we couldn't resist Okay So the doors are being locked from the outside so you have to listen to this fucking sales pitch packer protector is a security distribution for wireless routers. It's like IP cop or a star or Untangle But it runs on hardware like this and if you stick around to the end we'll be giving away a router So 20 minutes will be given away a router and so you can do it runs free radius So you can do WPA enterprise it runs snort and inline Q mode So you have an IPS and it runs a transparent web proxy that's plugged into clam clam AV So you can do web antivirus All on an $80 box. Oh, sorry about that guys. All right So what's the point of this and this is just for fun the idea comes there's years ago I think all the upside down internet about a guy saw that people were stealing his internet access so He set up a squid proxy and a URL rewrite script to flip all the images upside down So Yeah, it's just for fun So don't expect like some sort of metamorphic shell code, you know, that sort of thing But your friends at home won't understand any of that leech shit But if you can like make boobs appear on CNN comm they'll think you're a fucking black hat God. So this is the This is the presentation you want to be at now to anonymous all right, so Quick conceptual overview. You got your victim. We've got a proxy. We're using squid and Basically, we're gonna use the URL rewriting feature of squid to Play with the victim So We'll do a quick little demo here. Someone give me a nice little URL or website you guys visit frequently Oh, well It's supposed to take something good and make it lame not take something lame and make it lame less Slash that we'll get to slash that later. All right All right, so Oh, well, it's horrible, but we'll go there. I haven't even been there in a while. Oh snap Wait the technical difficulties To the improved AOL like version 27 Stop this as quick as we can So here's a quick view of the code Can anyone in here actually read pearl because it's like it's hard to read But anyways, this is it. We take the the URL, you know, I see the regular expressions in there matching for YouTube and We pretty much give up Rick roll for this Okay, so what we're doing here is we're using IP tables to put in dnat rules pre-routing to transparently Changed it where the traffic is going All right, we're gonna Google something can someone give me something to Google That is excellent. I know I know children like telltubbies Is Is the spelling correct on telltubbies is it just two bees in the tuggies? Okay, this is important Okay All right, okay Okay Okay, so the interesting thing here is that it seems that this this this really gross phrase It keeps gonna pin did onto our search query. It's overpowering whatever we search for so I want to ask you guys If you think you can come with a phrase that will overpower The the appended phrase to search for what's that? Cephalopod what you got some some freaking squid lovers in here Okay, cephalopod you're gonna have to help me here You know what Google knows better cephalophone did I mean no I Okay, so yeah, I don't think we can do it. What's something what's really popular right now? Michael Jackson Yeah, Michael Jackson did come up on that one so that's pretty good So We got one. All right, so yeah simple simple manipulation here, so Here's the code again pretty simple we have this regular expression on like one of my laser pointer is broken But you can see it in there if you look for the new URL Line One more. I've got one more. Okay Okay, and this is the other setup that we have that's most similar to the upside down to net Whereas here we have a local web server running on the box and we use squid to intercept it and for example like all the images jpegs pngs and gifts will Basically downloads, you know, dub get those download them locally and use image magic to manipulate them and Then serve them up through our web server locally, but this is all transparent Okay, like recently a lot of our favorite people in the security industry have been attacked But from our perspective Like they're okay like they don't like I mean Their site never was down for us like you just Go back into time and we have all their things archived So you need to notice the dates on this Yeah, another year that yet another def con. This is from 2005 This is the time machine Okay, so yeah, this site was never down Same thing these guys are back up Here's the the source for the time machine pearl script and again, I can't read this but you guys can So we're essentially redirecting to web.arch archived at work So you pretty much can browse the web in the past a little bit of a prank there And that's code back to non-anonymous This is all him by the way The reason he's anonymous because you don't want to be associated with his trainwrecks, so give him hell All right, so who knows who invented the internet? Sort of but so DARPA invented the internet so that all Americans could have free pornography in their houses and Then along came education and e-commerce and social networking Polluted the whole pool of porn that was out there for all of us So we're gonna make things right again Okay, so if we went to one of these time wasting sites now we have to wait So so there So just to show that it works Okay, so somebody yell a site that may already be categorized pornography it did work Okay, and interestingly we couldn't use Google here because of some lame shit they do to The hrefs that are on the results page aren't actually hrefs There's JavaScript that overtakes those and sends you to a redirect page So the redirect pages aren't sufficiently pornographic to to meet our standards But Microsoft is playing along it gives us nice and pornographic direct links So if you want to see how this works now So Dan's Guardian is a great open source content filter, but what we want to do is essentially reverse the logic So at the bottom it's as simple as just saying if the weighted phrase is greater than or less than so We just flip that around and we had to make some We're gonna make a little bit more changes so we can allow the style sheets and the JavaScript from the porn sites Which aren't explicit themselves to come through so your porn is Unaffected, but all the rest of the shit is filtered out. Okay We have three left Shit. Yeah, all right. Hurry up. So I can't explain this one because we're running behind. We weren't we're anticipating this so We were on this one So we're on to I can't explain this one. You'll see in a second. What's it gonna be? Oh, yeah This is this is taking a long time so talk amongst yourselves Here's a subject. Why is my server so fucking slow think of some of your favorite security professionals So we're gonna take a detour and show you the code real quick because what's supposed to happen is there's George Carlin seven dirty words and We download the image whether it's a PNG or GIF for JPEG We create another image. That's the same size using a randomly selected dirty word We layer them on top of each other in an animated JIP when we serve that back up. So He's still a motherfucker we refresh it and still a motherfucker so This one will take forever because Def Con is polluted with images, but you'll get the the spice of life So we're gonna press on we'll come back to Def Con because it oh Yeah We're not that organized. Sorry. So that was called the Tourette net adding swears everywhere. All right, so My minions in the audience are supposed to be helping me so bear with them because I can tell he's not done So here's the full menagerie of swear words on the Def Con site We're still missing one Uninformed is another place to go. We should have done this first because it's much faster, but you can see the menagerie of Okay, so Let me take that out. I Know you're all enjoying that. I'm sorry So the general idea is to get your ideas and implement because there's there's a lot of stuff You know a lot of fun you could have get your ideas We throw them up on this proxy like in a modular all all modular like and You have a one-stop, you know prank-o-matic So you can do all this stuff at any time because no one wants to really like oh, I want to I want to Put on a prank. I'm gonna code this proxy stuff. It's already done for you Here it is. Yes, and in the minute the site will be updated with the code that we just presented Thank you. All right, so we don't have much time left But we know you guys have better ideas than we do and we want to give away the router so yell out some ideas Come on motherfuckers No ideas The subtle fuck you I like the brand number in the phone directory Ask if I all the images that's fucking sweet Bandwidth would go out the root All right, I think we have a winner unless somebody has something better. Come on Have you guys see what's that thing that the pearl script that like transmutates the words where it's still readable because our brain processes the words like word at a time, right? Dial up speeds. Well, you saw that already in my servers that fucking slow that Random Gmail searches. Oh Do randomly throw it out there We can't recommend that we I Think we have a winner. I'm sorry. We're running short on time the I didn't so who's a winner The bank man Yeah the ASCII images The bank man wins Props to the guy who came up with upside down to net The Defconn staff they rock squid is awesome and the entire open source community and thank you all Thanks guys