HamSammich – long distance proxying over radio

DEF CON 23

Presented by: Rob Graham, David Maynor
Date: Friday August 07, 2015
Time: 16:00 - 16:25
Location: Track One

The ProxyHam talk was mysteriously canceled. However, it’s easy to replicate the talk from the press coverage. In this talk, we propose “HamSammich”, creating a point-to-point link in order to access WiFi from many miles away, as a means to avoid detection. We show how off-the-shelf devices can be configured to do this for less than $200. After demonstrating the working system, we’ll talk about radio signals. This includes both the FCC regulatory issues which may have caused the cancelation of the original talk, as well as signals-intelligence, and the practicalities of being detected and caught. Finally, we’ll talk about hiding signals with SDR, a more complicated and expensive technique, but one that hides better in the electromagnetic spectrum.

We’ll demonstrate not only a working system, but what the 900MHz spectrum looks like, and how to track down a working system.

Robert Testagrossa

fluxist (Robert Testagrossa) is an independent security researcher; Director - Special Projects at Dulotech Inc; and Owner of Cloud99 Vapes, a NY-based chain of retail vape shops. He is not available for comment.

Rob Graham

Robert Graham is the CEO of Errata Security, a pentest/consulting firm. He's known for creating the first IPS, the BlackICE series of products, sidejacking, and masscan. In his spare time, he scans the Internet. He has been speaking at several conferences a year for the past decade.

David Maynor

David Maynor is the CTO of Errata Security, and chief pentester. He’s a frequent speaker at conferences, most infamously in the Apple WiFi scandal. In his spare time, he builds weapons for Skynet’s domination of the planet.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats