well
-D
Well I think he dismissed it because it's a mac, ....kind of a platform, but not really :o)
Python or no python
Rob Fuller, aka Mubix of Room362.com, joins us to expand on last week's discussion about the cold boot attack.
This time we're imaging memory from live systems, Windows boxes specifically. I point out my favorite open source app, win32dd, which can retrieve physical memory by a couple of methods. Mubix is a fan of ManTech's MDD. Both of these tools are capable of capturing memory on Windows 2003 SP1 (Vista+) and later machines. More tools can be found at the Forensics Wiki.
Once we've captured our memory it's time to run it through a few tools to extract the good bits. Last week we touched on AESKeyFinder and RSAKeyFinder as well as Strings. This week we're using the epic memory artifact extraction utility Volatility.
This gem lets us see deep into what a Windows box was doing at the time of memory capture, including running processes, open network connections, DLLs loaded for each process, registry handles, and more. The tool can even extract executables from memory. It's a nifty little cross-platform tool that's worth a spin. If you're looking to get your feet wet you might want to try it against some example data, courtesy of NIST.
Best of all, Volatility is a framework that supports third-party scripts. One such plugin makes it pretty simple to extract the Windows SAM from a memory sample.
We also cover using foremost, an excellent tool for recovering data from memory based on headers, footers and data structures. I can say from experience that using the -t ALL option on a dump of Mubix's memory recovers A TON of files, all nice and neat in their own folders based on extension. Thanks for the mem dump Mubix ;). If you don't have a capture of Mubix's memory you can find samples to play with Foremost at the Digital Forensics Tool Testing Images site.
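To show what the header/footer carving that foremost does actually looks like, here is a small Python carver run over a constructed fake memory dump (example code written for this page, not foremost's own); the signature table is an assumed subset of foremost's config and the sample image is constructed.

```python
"""Minimal header/footer file carver, in the spirit of foremost.

Added example, not foremost's own code. It scans a raw image (a memory dump
here) for known file headers, extends each hit to the matching footer (or to
a size limit when no footer is found), and writes every carve into a folder
named after the file type, which is the layout a `foremost -t ALL` run leaves
in its output directory.
"""
import os
import tempfile

# Signature table: a constructed subset of the file types foremost knows.
# max_size bounds a carve when the footer never turns up (truncated file,
# or a type whose footer cannot be trusted).
SIGNATURES = {
    "jpg": {"header": b"\xff\xd8\xff", "footer": b"\xff\xd9", "max_size": 20 << 20},
    "png": {"header": b"\x89PNG\r\n\x1a\n", "footer": b"IEND\xae\x42\x60\x82", "max_size": 20 << 20},
    "gif": {"header": b"GIF8", "footer": b"\x00\x3b", "max_size": 5 << 20},
    "pdf": {"header": b"%PDF-", "footer": b"%%EOF", "max_size": 50 << 20},
}


def carve(image, signatures=SIGNATURES):
    """Return [(file_type, offset, data), ...] sorted by offset in the image."""
    found = []
    for ftype, sig in signatures.items():
        pos = 0
        while True:
            start = image.find(sig["header"], pos)
            if start < 0:
                break
            limit = min(len(image), start + sig["max_size"])
            # Look for the footer only inside the size window, as foremost does.
            end = image.find(sig["footer"], start + len(sig["header"]), limit)
            end = limit if end < 0 else end + len(sig["footer"])
            found.append((ftype, start, image[start:end]))
            pos = end  # resume after the carve; the next header starts a new file
    found.sort(key=lambda hit: hit[1])
    return found


def write_carved(found, outdir):
    """Write carves as <outdir>/<type>/<offset>.<type>, like foremost's output tree."""
    paths = []
    for ftype, offset, data in found:
        type_dir = os.path.join(outdir, ftype)
        os.makedirs(type_dir, exist_ok=True)
        path = os.path.join(type_dir, "%08d.%s" % (offset, ftype))
        with open(path, "wb") as fh:
            fh.write(data)
        paths.append(path)
    return paths


def build_sample_image():
    """Constructed stand-in for a memory dump: process junk with files mixed in."""
    junk = b"\x00" * 64 + b"process heap data " * 4
    jpg = b"\xff\xd8\xff\xe0" + b"JFIF-body-bytes" + b"\xff\xd9"
    pdf = b"%PDF-1.4\n1 0 obj<<>>endobj\n%%EOF"
    png_truncated = b"\x89PNG\r\n\x1a\n" + b"IHDR" + b"\x01" * 30  # no IEND chunk
    return junk + jpg + junk + pdf + junk + png_truncated + junk


def run_demo(outdir=None):
    """Carve the constructed image into a directory and return the written paths."""
    outdir = outdir or tempfile.mkdtemp(prefix="carve-")
    return write_carved(carve(build_sample_image()), outdir)


if __name__ == "__main__":
    for path in run_demo():
        print(path)
```

The truncated PNG in the sample shows the no-footer case: the carve runs to the size limit (here, the end of the image), which is why foremost output from a real dump contains some oversized files that need a second look.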
We'll be back in studio next week with Matt. Of course be sure to send your feedback to feedback@hak5.org, post in the forums or respond in the comments.
And don't forget about our first ever official Hak5 Meetup at Busch Gardens Williamsburg on August 15th. Find all the details at hak5meetup.squarespace.com or RSVP on Facebook.
Highlights
squarespace (0:27, 2:01, 2:23, 2:30, 17:30)
hard drive (11:36, 11:43, 14:40, 14:56)
open source (5:01)
tv shows (18:20)
Automatically Generated Transcript (may not be 100% accurate)
" War."
" This time on the show. Physical memory extraction. An analysis. All that and more of this episode of Hak5."
" Hak5 is brought to you by godaddy Squarespace. Game play and viewers like you."
" Well welcome Hak5 my name is Darren Kitchen and I'm Robert -- Olsen. Yeah and we had an awesome episode you guys today we're following up with some of the stuff that we talked about last week with a cold boot attack and we do. And more fun for runs X. So we're down here in CW right Colonial Williamsburg for the -- locals -- And I wanted to come here and see how where where Harrison had done his little hacking and stuff like that reference season once that's exactly. So speaking of hacking -- what I saw the episode about friends -- and I wanted to come down and and tell you about penetration testers use of forensics. Oh I mean I understand friends X in the viewpoint. You know. I'm contract did find some stuff on some machine or there's some illicit stuff on like a malware analysis and whatnot. How does that change. From the viewpoint of -- so hacker Kingdome memory just like you guys use there right. Well what's in memory passwords of course that the whole beauty and if you close this later right. So you're saying take you from the level of all okay I have access to a box and doing hadn't taking advantage of dispute -- bolster. Like on the exactly all of it. You sit down and Ellis had to -- gets -- have gone on. Oh it is also worth mentioning that Matt will be back. Next week we look forward to getting back in Ohio. When the -- and now probably."
" With Squarespace you can build beautiful looking blogs -- web sites in a fraction of the time it would take for the traditional content management system. They're intuitive drag and drop interface is as snappy and powerful as a desktop publishing -- But best of all there's no software to install new database to configure their patches are applied and no code to fiddle with it. -- out for yourself a simple and powerful it can be with a two week free trial that's Squarespace dot com and use promo -- hack. Five to support the show and save 10% off the life of your service Squarespace dot com."
" Rob thanks so much for coming down I think before we get too much into it that we should recap what we're talking about last week that this may have -- an -- long. That we're talking to cold boot attack. And using. My favorite thing in the world. A standard little inconspicuous. Innocent little USB drive. Did the same thing using. HCP. And he DPP's. Or you can do like. It's bias like orbit bias and -- set up a specially crafted motherboard did you go ahead you know. Freeze ram taken out of machine image or just threw it off US be image ram that's we're gonna be talking about is now acquiring. Physical memories that we can be really fun stuff with it I didn't mention that for the people that were confused about compiling it. I need you need it. In -- she'd like to make files. A new stack protector and if you really lazy I'm gonna have to. -- to the -- on the blog says this CD it right over here from drive. -- should be good to go. The -- compiled under. Right -- text actually exceeded in just about it would keeps if you before four point one thing that he is this after effect protector X I mean your point being. When you were gonna be talking about gathering physical memory and fun stuff that we can do with it. And I thought it would be important Q other than the cold this -- talk about ways. You would require a physical memory dumps from the computer. Knowing that Microsoft's. Does it when there's like crash right after the crash down but there are other ways and let's just talk about like your standard windows XP box examples here. Cut to get that physical memory for it. I like tool called well I like DD on the next record. For for windows. I like when thirty QDD it's basically. A report -- do the nifty stuff to dvd on you know -- would allow you to do. That is grabbing stuff from your physical memory and popping it like it have been violently want to call it. What you."
" So I don't like when -- reason I like man text. And DD and it's it's real simple all you do is I mean there's actually these are options you just run. With attack -- and say here's your output that's about it."
" I mean that are having problems with effort sounds cool I just wanted to note that when 32 DD is that open source and has two different methods of going out. Dumping the physical memory you can just it'll just copy what's in back plus -- windows. Or use the -- API. And what's important to note here is that on versions of windows prior to. When news server 2003. Service pack one so. I'm sorry and prisons since then so here this and when the sentence and stuff I don't allow. User mode access. To physical memory. And so what -- to kind of goes you know basically when -- DT DD. Is all kernel mode you'll. That brought up something that we never really talked about on the show here. And -- it'd be important to note that. The difference between -- so -- kernel mode is having like we're brings there. Yet -- bare metal act as the part where he can do whatever you want to united that's. That's sort of like that right there is -- out. But. But then like or -- you know if I wanted some muffins and I just stole mountains. You know they're very gal or you know user mode you can ask for them often get asked for permission you're right and you know often you're gonna get it right. Okay one that you know degree entry decides to gives years demonstrating using you know user mode when news third through we're talking about. You can't touch bare metal -- to get through ATI's. So. And if you're interested in -- kind of stuff about the -- and he had you know hardware abstraction layer Ohio manager's journal but. And it's really secret. Suffice to say. Windows -- utilities need -- when this every 2003 service pack one main function correctly and versions since then. -- on the lookout for."
" Well as long as -- and administer or running. Tool as an attache you have you know sort of have access to rings here."
" Right and you know. Getting administrator -- on witnesses like making cupcakes. So all -- doing -- would you know it's it's funny that of his who'd been in a -- we've been excited about this on that stuff but there's actually. A another just a simple method that is easy to to build the device but -- other device type method for bypassing when this blog and anyway that's kind of similar that it I would be worth mentioning here because it also ties into. Dumping. Physical memory and that is firewire devices. By just the nature of this back firewire device has access to the physical memory so what that means is. For example a you firewire iPod. With Linux could you especially graphic crafted with some cool software to plug into you know generic windows box and access that physical memory card read through it. Read from and write to it and who once you can do that. You know or you don't hear it the if the plug in town and it's the you know bypass. -- plants all sources windows restrictions just as you can Nicholas -- yes. And a -- and it's even it's just as inconspicuous of the US figure -- so I mean it. I mean the keys it's probably a topic for more in depth discussions and labs stuff later on but. You know is it something to -- there so. Let's go ahead and dumps and physical memory and then -- some of our employees and see what we can come up with."
" And I I wanted to say that. If you. Do throw it through some toys like we're going to use them all just like I said with they I -- all of your tools because sometimes you get other results and like we're gonna show and."
" Yeah mimic the boy scout all the tools and therefore let's think what overall some sponsors. Keep your personal information away from spammers hackers into your crazy ex roommate private domain registration from godaddy.com protects your privacy. By keeping your address phone number and more out of the public database. Check out revision3.com. Slash godaddy for all of our godaddy codes in offers."
" So we're gonna have taken her physical memory dumps and a -- them here and my the next item machine. And I'm gonna hadn't grabbed one from my computer using when 32 DDI grab mind probe ended. Excellent and -- got both -- what's with the -- that we thrown through that you like."
" Volatility of course it's python so it's cross platform it runs on windows Linux -- Mac. If you consider platform aren't. So what you can do with volatility of is using. Don't be running processes at the time you thing. DOLs. Connection sockets. Registries. And -- keys."
" I think he's really that we can lake. What I did this on mine and I can go ahead and actually see pay TrueCrypt dot EXE is one of processes and that is running which clues into -- hate. Maybe I should start you know and we'll talk about the other -- can take care but. Further from that you're saying to me that we can actually take executable that are running an extract those how does that work with benefit there."
" Okay so. You can actually. So whenever you run a processing it's loaded into memory nice of our whole -- on windows XP if I were to load up Q basically wanted to get my when he goes to ten on. Few basic idea exe would be resident in memory correct and things with volatility is full write down where it helps out is with our analysis. So. Bad guys like Tupac and encrypting and put it actually feels so that AB can't detect right. Going across the wire however. If but in memory it has to be running very it has to be actually functioning can be encrypted or or compressed. So. Dumping it out of memory bypasses the whole hacker issue exactly. And that's what the AV guys probably have you know this special network setup just to monitor that sort of thing right so. Some of the more deep malware analysis guys have something called the Darknet or or a or box that sits directly connected network. To the Internet has maybe a Linksys in front of it just to make it look like it's a home box. And it has a special piece of hardware or software. That. The OS is is unaware of them and will. Dump everything to a net another hard drive. Memory. Connections. And any harder hard drive changes so when it reboot though it will pleasure we're back in -- have a fresh start and."
" So this is like oh I love that adequately the steady state kind of thing -- exactly. And and since its external hardware that is doing is monitoring it's unbeknownst to the botnet it is on the processes that. Right as a going on so I can't say detect VMware right so I'm not gonna write this for example is if this is basically a honey pot. War. Botnet where it all of it that's awesome. An equally to going as long as you wanted. Which is -- yes. And coming back to volatility it's important -- that you're doing it playing with it did you actually provide some example data. So you can go ahead and they're using some other images and that's techniques there too. Important stuff and play with and learn with it you're telling me that we can actually stand -- on the program."
" Oh definitely so since python -- since is written in python there are been tons of friends is guys that have done scripts for. One of my favorites of all is dumping passwords. Thinking you can dump the Sam file because San thousand memory. And dumps Sampaio and we're gonna show you -- to do that it's."
" Sure -- and then liquid -- you know it's like late windows and passwords it's it's cupcakes. So. Awesome stuff there but. So right so we've gone -- we run it through this program and we have an idea with processes are running what connections and basic connections it made now that's not. This day. Like cash that is stored from -- like Firefox here or your Chrome Internet cash were talking about the connections. Make the -- connections and stuff. Better -- and physique as we mentioned that we can list running processes that open network connections when you're right -- you're -- about. Yes so where it shows Texas is not just whether it's connected right now and it's. Since it's the mood of the system. So go web page is that that connection to that IP address days in memory for awhile. -- recent tour of the so what I find is that we can we get through here and Zedillo's TrueCrypt that he exe is running -- IP addresses though. You know that that includes start going off mr. I really want to dig deep into this and see. You know what's really going on with this. An and of course dumping the syndicate app pastor because why not -- speaking of passwords. Last week we talked about ES key finder when -- should mention. That you know -- volatility -- like her characters and the others. Encryption. -- products out there are running in memory you might want to run this because. If an -- he finder and a so. You remember the company had with the other one is the other groups arsenic arsenic keep finder -- So it's just you know dot slash AES key fine. And then he'd yet tell it where you'll or memory dump is and there we -- we actually start seeing. He's coming up here which is also the news -- you if you have B hard drive as well and yeah and encrypt it you're good way to go. Because the memory can't encrypt bland and the other thing to say is that. Right so we start with memory because that was what we could get but then when you if that's hard drive. All the other fun stuff that you can then row through other tools. Foremost and I think that that's but I think that the hard dress up as a topic for another show but. But let's touch on form right here I mentioned just briefly last week. I think it's it's worth reiterating. How cool this tool is to basically foremost is a -- war forensics analysis for recovering stuff from from memory. Of files and files based on the headers of files to folders of files. And and signatures within a -- so oh hey this certain structure looks like -- JPEG. Let's just extract everything in between here and there and say to JPEG and put in a folder not what does. Yeah and the fever option by far is that -- he. All because it's got of these different profiles and understands JPEG to get some word documents to be do all against your memory dump. And any file that was open that he understands it just cruises into for a call output and is so much fun to dig through so we've got this. Foremost also has to do it some people who have been working on other plug it sort signal of those. And with and like while with a volatility performance also provides. Digital forensics tools like task images seeking go ahead download and play with so. We encourage you guys to go ahead and download some of these test images they -- these tools and let us know what you think."
" There's nothing better than doing -- you on your own image I mean all you have to do is download the tooling and you have your right image of your own memory -- you -- kind of right so there -- on your windows."
" VM go ahead run win 32 DV. It's cooler than through this -- tools."
" I want to let everybody knows that. -- on his service. They are the largest online video rentals service and offer a choice over 6000 new and classic titles across all councils and -- we plants are you 1595. -- by members can rent one -- four games at a time and keep them for as long. It's like you can also purchased the game if you fall in love with it settles into the box and manual. Pornography. And head over to gain -- dot com slash Hak5 to get. Two week free trial membership in -- dot com slash."
" That's just about wrapped up this episode of Hak5."
" But we want to let you know a couple things first of all we do have the August 15 -- and that's August 15 we -- having an awesome Hak5 you have over at Busch Gardens Williamsburg Virginia. You can join us on August 15. And you can go over to heck I -- dot Squarespace dot com for all the details right you can on your parents and to doing it by telling -- you get taken down its Colonial Williamsburg feel that like to store stuff. If there's -- join us at German -- house that's investors and guess that's how it's noon it's gonna be awesome."
" One it's which you know that you can send us feedback -- feedback Hak5 hour or use the contact form at the top paid her five dot org. And we look here what you guys think about the show what. Cools you guys use -- so every you know let us now --"
" And we -- a want to tell you about are very sweet brand new show on Revision 3 -- sixty days. Revision three's new show wasting nation is your guide to the best an HD content and the best in home theater here -- no matter what your budget is HDTV expert. Robert heron and movie fanatic Patrick Norton. We'll bring it isn't scoop on the movies TV shows and downloads that'll make your HDTV sign along with the best bargains. And HD from satellites completely -- sales every Tuesday at revision3.com. Slash -- dean --"
" Also we can't forget that you about. Podcaster need to get -- in the benefits for the -- of many the other hacker conferences held that proof that the great job organizing it. And they will be at Defcon this here to be going. Saturday is the night yeah all the details over podcast meet up. Dot com. Anyway that's pretty much it for this week we do it no now will be back next week and we'll be back in studio as well and the -- until then we remind you press you're technolust."
" Let's forget it."
" Hello welcome back five my name is Darren Kitchen and I'm totally ripped again hunter's very perceptive. Right. Corvette utility is that things overhead. Which is supposed to -- restricted airspace. The -- of like idea prone to stumbling and when stuff like that were specifically. Talking about. -- about this is -- okay. No problem."
" War."
" This time on the show. Physical memory extraction. An analysis. All that and more of this episode of Hak5."
" Hak5 is brought to you by godaddy Squarespace. Game play and viewers like you."
" Well welcome Hak5 my name is Darren Kitchen and I'm Robert -- Olsen. Yeah and we had an awesome episode you guys today we're following up with some of the stuff that we talked about last week with a cold boot attack and we do. And more fun for runs X. So we're down here in CW right Colonial Williamsburg for the -- locals -- And I wanted to come here and see how where where Harrison had done his little hacking and stuff like that reference season once that's exactly. So speaking of hacking -- what I saw the episode about friends -- and I wanted to come down and and tell you about penetration testers use of forensics. Oh I mean I understand friends X in the viewpoint. You know. I'm contract did find some stuff on some machine or there's some illicit stuff on like a malware analysis and whatnot. How does that change. From the viewpoint of -- so hacker Kingdome memory just like you guys use there right. Well what's in memory passwords of course that the whole beauty and if you close this later right. So you're saying take you from the level of all okay I have access to a box and doing hadn't taking advantage of dispute -- bolster. Like on the exactly all of it. You sit down and Ellis had to -- gets -- have gone on. Oh it is also worth mentioning that Matt will be back. Next week we look forward to getting back in Ohio. When the -- and now probably."
" With Squarespace you can build beautiful looking blogs -- web sites in a fraction of the time it would take for the traditional content management system. They're intuitive drag and drop interface is as snappy and powerful as a desktop publishing -- But best of all there's no software to install new database to configure their patches are applied and no code to fiddle with it. -- out for yourself a simple and powerful it can be with a two week free trial that's Squarespace dot com and use promo -- hack. Five to support the show and save 10% off the life of your service Squarespace dot com."
" Rob thanks so much for coming down I think before we get too much into it that we should recap what we're talking about last week that this may have -- an -- long. That we're talking to cold boot attack. And using. My favorite thing in the world. A standard little inconspicuous. Innocent little USB drive. Did the same thing using. HCP. And he DPP's. Or you can do like. It's bias like orbit bias and -- set up a specially crafted motherboard did you go ahead you know. Freeze ram taken out of machine image or just threw it off US be image ram that's we're gonna be talking about is now acquiring. Physical memories that we can be really fun stuff with it I didn't mention that for the people that were confused about compiling it. I need you need it. In -- she'd like to make files. A new stack protector and if you really lazy I'm gonna have to. -- to the -- on the blog says this CD it right over here from drive. -- should be good to go. The -- compiled under. Right -- text actually exceeded in just about it would keeps if you before four point one thing that he is this after effect protector X I mean your point being. When you were gonna be talking about gathering physical memory and fun stuff that we can do with it. And I thought it would be important Q other than the cold this -- talk about ways. You would require a physical memory dumps from the computer. Knowing that Microsoft's. Does it when there's like crash right after the crash down but there are other ways and let's just talk about like your standard windows XP box examples here. Cut to get that physical memory for it. I like tool called well I like DD on the next record. For for windows. I like when thirty QDD it's basically. A report -- do the nifty stuff to dvd on you know -- would allow you to do. That is grabbing stuff from your physical memory and popping it like it have been violently want to call it. What you."
" So I don't like when -- reason I like man text. And DD and it's it's real simple all you do is I mean there's actually these are options you just run. With attack -- and say here's your output that's about it."
" I mean that are having problems with effort sounds cool I just wanted to note that when 32 DD is that open source and has two different methods of going out. Dumping the physical memory you can just it'll just copy what's in back plus -- windows. Or use the -- API. And what's important to note here is that on versions of windows prior to. When news server 2003. Service pack one so. I'm sorry and prisons since then so here this and when the sentence and stuff I don't allow. User mode access. To physical memory. And so what -- to kind of goes you know basically when -- DT DD. Is all kernel mode you'll. That brought up something that we never really talked about on the show here. And -- it'd be important to note that. The difference between -- so -- kernel mode is having like we're brings there. Yet -- bare metal act as the part where he can do whatever you want to united that's. That's sort of like that right there is -- out. But. But then like or -- you know if I wanted some muffins and I just stole mountains. You know they're very gal or you know user mode you can ask for them often get asked for permission you're right and you know often you're gonna get it right. Okay one that you know degree entry decides to gives years demonstrating using you know user mode when news third through we're talking about. You can't touch bare metal -- to get through ATI's. So. And if you're interested in -- kind of stuff about the -- and he had you know hardware abstraction layer Ohio manager's journal but. And it's really secret. Suffice to say. Windows -- utilities need -- when this every 2003 service pack one main function correctly and versions since then. -- on the lookout for."
" Well as long as -- and administer or running. Tool as an attache you have you know sort of have access to rings here."
" Right and you know. Getting administrator -- on witnesses like making cupcakes. So all -- doing -- would you know it's it's funny that of his who'd been in a -- we've been excited about this on that stuff but there's actually. A another just a simple method that is easy to to build the device but -- other device type method for bypassing when this blog and anyway that's kind of similar that it I would be worth mentioning here because it also ties into. Dumping. Physical memory and that is firewire devices. By just the nature of this back firewire device has access to the physical memory so what that means is. For example a you firewire iPod. With Linux could you especially graphic crafted with some cool software to plug into you know generic windows box and access that physical memory card read through it. Read from and write to it and who once you can do that. You know or you don't hear it the if the plug in town and it's the you know bypass. -- plants all sources windows restrictions just as you can Nicholas -- yes. And a -- and it's even it's just as inconspicuous of the US figure -- so I mean it. I mean the keys it's probably a topic for more in depth discussions and labs stuff later on but. You know is it something to -- there so. Let's go ahead and dumps and physical memory and then -- some of our employees and see what we can come up with."
" And I I wanted to say that. If you. Do throw it through some toys like we're going to use them all just like I said with they I -- all of your tools because sometimes you get other results and like we're gonna show and."
" Yeah mimic the boy scout all the tools and therefore let's think what overall some sponsors. Keep your personal information away from spammers hackers into your crazy ex roommate private domain registration from godaddy.com protects your privacy. By keeping your address phone number and more out of the public database. Check out revision3.com. Slash godaddy for all of our godaddy codes in offers."
" So we're gonna have taken her physical memory dumps and a -- them here and my the next item machine. And I'm gonna hadn't grabbed one from my computer using when 32 DDI grab mind probe ended. Excellent and -- got both -- what's with the -- that we thrown through that you like."
" Volatility of course it's python so it's cross platform it runs on windows Linux -- Mac. If you consider platform aren't. So what you can do with volatility of is using. Don't be running processes at the time you thing. DOLs. Connection sockets. Registries. And -- keys."
" I think he's really that we can lake. What I did this on mine and I can go ahead and actually see pay TrueCrypt dot EXE is one of processes and that is running which clues into -- hate. Maybe I should start you know and we'll talk about the other -- can take care but. Further from that you're saying to me that we can actually take executable that are running an extract those how does that work with benefit there."
" Okay so. You can actually. So whenever you run a processing it's loaded into memory nice of our whole -- on windows XP if I were to load up Q basically wanted to get my when he goes to ten on. Few basic idea exe would be resident in memory correct and things with volatility is full write down where it helps out is with our analysis. So. Bad guys like Tupac and encrypting and put it actually feels so that AB can't detect right. Going across the wire however. If but in memory it has to be running very it has to be actually functioning can be encrypted or or compressed. So. Dumping it out of memory bypasses the whole hacker issue exactly. And that's what the AV guys probably have you know this special network setup just to monitor that sort of thing right so. Some of the more deep malware analysis guys have something called the Darknet or or a or box that sits directly connected network. To the Internet has maybe a Linksys in front of it just to make it look like it's a home box. And it has a special piece of hardware or software. That. The OS is is unaware of them and will. Dump everything to a net another hard drive. Memory. Connections. And any harder hard drive changes so when it reboot though it will pleasure we're back in -- have a fresh start and."
" So this is like oh I love that adequately the steady state kind of thing -- exactly. And and since its external hardware that is doing is monitoring it's unbeknownst to the botnet it is on the processes that. Right as a going on so I can't say detect VMware right so I'm not gonna write this for example is if this is basically a honey pot. War. Botnet where it all of it that's awesome. An equally to going as long as you wanted. Which is -- yes. And coming back to volatility it's important -- that you're doing it playing with it did you actually provide some example data. So you can go ahead and they're using some other images and that's techniques there too. Important stuff and play with and learn with it you're telling me that we can actually stand -- on the program."
" Oh definitely so since python -- since is written in python there are been tons of friends is guys that have done scripts for. One of my favorites of all is dumping passwords. Thinking you can dump the Sam file because San thousand memory. And dumps Sampaio and we're gonna show you -- to do that it's."
" Sure -- and then liquid -- you know it's like late windows and passwords it's it's cupcakes. So. Awesome stuff there but. So right so we've gone -- we run it through this program and we have an idea with processes are running what connections and basic connections it made now that's not. This day. Like cash that is stored from -- like Firefox here or your Chrome Internet cash were talking about the connections. Make the -- connections and stuff. Better -- and physique as we mentioned that we can list running processes that open network connections when you're right -- you're -- about. Yes so where it shows Texas is not just whether it's connected right now and it's. Since it's the mood of the system. So go web page is that that connection to that IP address days in memory for awhile. -- recent tour of the so what I find is that we can we get through here and Zedillo's TrueCrypt that he exe is running -- IP addresses though. You know that that includes start going off mr. I really want to dig deep into this and see. You know what's really going on with this. An and of course dumping the syndicate app pastor because why not -- speaking of passwords. Last week we talked about ES key finder when -- should mention. That you know -- volatility -- like her characters and the others. Encryption. -- products out there are running in memory you might want to run this because. If an -- he finder and a so. You remember the company had with the other one is the other groups arsenic arsenic keep finder -- So it's just you know dot slash AES key fine. And then he'd yet tell it where you'll or memory dump is and there we -- we actually start seeing. He's coming up here which is also the news -- you if you have B hard drive as well and yeah and encrypt it you're good way to go. Because the memory can't encrypt bland and the other thing to say is that. Right so we start with memory because that was what we could get but then when you if that's hard drive. 
All the other fun stuff that you can then row through other tools. Foremost and I think that that's but I think that the hard drive is a topic for another show but. But let's touch on foremost right here I mentioned just briefly last week. I think it's it's worth reiterating. How cool this tool is to basically foremost is a -- war forensics analysis for recovering stuff from from memory. Of files and files based on the headers of files to folders of files. And and signatures within a -- so oh hey this certain structure looks like -- JPEG. Let's just extract everything in between here and there and save to JPEG and put in a folder not what does. Yeah and the favorite option by far is that -t ALL. All because it's got of these different profiles and understands JPEG to get some word documents to be do all against your memory dump. And any file that was open that he understands it just cruises into for a call output and is so much fun to dig through so we've got this. Foremost also has to do it some people who have been working on other plug it sort signal of those. And with and like while with a volatility performance also provides. Digital forensics tools like test images seeking go ahead download and play with so. We encourage you guys to go ahead and download some of these test images they -- these tools and let us know what you think."
" There's nothing better than doing -- you on your own image I mean all you have to do is download the tooling and you have your right image of your own memory -- you -- kind of right so there -- on your windows."
" VM go ahead run win 32 DV. It's cooler than through this -- tools."
" I want to let everybody knows that. -- on his service. They are the largest online video rentals service and offer a choice over 6000 new and classic titles across all councils and -- we plants are you 1595. -- by members can rent one -- four games at a time and keep them for as long. It's like you can also purchased the game if you fall in love with it settles into the box and manual. Pornography. And head over to gain -- dot com slash Hak5 to get. Two week free trial membership in -- dot com slash."
" That's just about wrapped up this episode of Hak5."
" But we want to let you know a couple things first of all we do have the August 15 -- and that's August 15 we -- having an awesome Hak5 you have over at Busch Gardens Williamsburg Virginia. You can join us on August 15. And you can go over to heck I -- dot Squarespace dot com for all the details right you can on your parents and to doing it by telling -- you get taken down its Colonial Williamsburg feel that like to store stuff. If there's -- join us at German -- house that's investors and guess that's how it's noon it's gonna be awesome."
" One it's which you know that you can send us feedback -- feedback Hak5 hour or use the contact form at the top paid her five dot org. And we look here what you guys think about the show what. Cools you guys use -- so every you know let us now --"
" And we -- a want to tell you about are very sweet brand new show on Revision 3 -- sixty days. Revision three's new show wasting nation is your guide to the best an HD content and the best in home theater here -- no matter what your budget is HDTV expert. Robert heron and movie fanatic Patrick Norton. We'll bring it isn't scoop on the movies TV shows and downloads that'll make your HDTV sign along with the best bargains. And HD from satellites completely -- sales every Tuesday at revision3.com. Slash -- dean --"
" Also we can't forget that you about. Podcaster need to get -- in the benefits for the -- of many the other hacker conferences held that proof that the great job organizing it. And they will be at Defcon this here to be going. Saturday is the night yeah all the details over podcast meet up. Dot com. Anyway that's pretty much it for this week we do it no now will be back next week and we'll be back in studio as well and the -- until then we remind you press you're technolust."
" Let's forget it."
" Hello welcome back five my name is Darren Kitchen and I'm totally ripped again hunter's very perceptive. Right. Corvette utility is that things overhead. Which is supposed to -- restricted airspace. The -- of like idea prone to stumbling and when stuff like that were specifically. Talking about. -- about this is -- okay. No problem."

Transfer your domain to Go Daddy for as little as $6.99 and get a free 1-year extension plus guaranteed renewal pricing! GoDaddy.com makes transferring easy and offers loads of extras including: hosting, a 5-page site builder, complete email, total DNS control and more! What are you waiting for?

Gamefly is the largest online video game rental service and offers you a choice from over 6,000 new and classic titles across all consoles and handhelds. With plans starting at $15.95/month, Gamefly members can rent 1 to 4 games at a time and keep them for as long as they'd like. There are no late fees, no due dates, and shipping is always free. Once you're done playing a game, send it back, and Gamefly will send you the next available game on your list. If you really like the game you're playing simply click 'Keep It' on the Gamefly website and the game is yours at a discounted price. Gamefly will even mail you the case and manuals free of charge.

Squarespace is an extremely easy to use, fully hosted, completely managed environment for creating and maintaining a website, blog or portfolio. Its intuitive format and features let you be as simple or as sophisticated as you want in the way that you organize your content, no matter what it is your website calls for. Either way, you'll end up with a website that looks like you paid thousands of dollars to design it for you. For plans starting at $8 dollars a month, Squarespace is a deal you can't beat.
Started discussion: July 15, 2009 @ 9:57am GMT
Rob Fuller, aka Mubix, of Room362.com joins us to expand on last week's discussion about the Cold Boot attacks. We cover retrieving memory from live systems, analysis with tools like volatility, and file recovery with foremost. Mubix calls it forensics for the gray hat.
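The header/footer carving that the episode describes foremost doing (spot a known file header, cut out everything up to the matching footer, drop it in a per-type folder) written out as an added Python example; this is not foremost's code and not from the show, and the signature table and the sample "memory image" are constructed here for illustration.

```python
import os
from dataclasses import dataclass

# Constructed signature table in the spirit of foremost's built-in types:
# (header, footer, max bytes to look past the header for the footer).
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9", 64 * 1024),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xae\x42\x60\x82", 64 * 1024),
}

@dataclass
class Carved:
    kind: str
    offset: int
    data: bytes
    complete: bool  # False when no footer turned up within max_size

def carve(image: bytes, signatures=SIGNATURES) -> list:
    """Scan a raw image for every known header and cut out the header..footer
    span; a header whose footer never appears within max_size is still
    emitted, flagged as a truncated fragment, so the analyst can inspect it."""
    found = []
    for kind, (header, footer, max_size) in signatures.items():
        pos = image.find(header)
        while pos != -1:
            window_end = min(len(image), pos + max_size)
            end = image.find(footer, pos + len(header), window_end)
            if end != -1:
                found.append(Carved(kind, pos, image[pos:end + len(footer)], True))
                nxt = end + len(footer)
            else:
                found.append(Carved(kind, pos, image[pos:window_end], False))
                nxt = pos + len(header)
            pos = image.find(header, nxt)
    return sorted(found, key=lambda c: c.offset)

def write_carved(carved, outdir: str) -> None:
    """Write each fragment to outdir/<kind>/<offset>.<kind>, mirroring the
    per-extension folders foremost produces."""
    for c in carved:
        d = os.path.join(outdir, c.kind)
        os.makedirs(d, exist_ok=True)
        with open(os.path.join(d, f"{c.offset:08x}.{c.kind}"), "wb") as f:
            f.write(c.data)

def build_sample_image() -> bytes:
    """Constructed stand-in for a memory dump: zero filler, one complete
    JPEG-like blob, one complete PNG-like blob, one JPEG header cut off."""
    filler = b"\x00" * 512
    jpeg = b"\xff\xd8\xff\xe0" + b"JFIF-body-bytes" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"IHDR-body-bytes" + b"IEND\xae\x42\x60\x82"
    truncated = b"\xff\xd8\xff\xe1" + b"Exif-body-that-never-ends"
    return filler + jpeg + filler + png + filler + truncated + filler

if __name__ == "__main__":
    for c in carve(build_sample_image()):
        print(f"{c.kind} @ {c.offset:#x} {len(c.data)} bytes complete={c.complete}")
```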
Watch or download this episode now!
No love for OS X
LOL, why did homeboy dismiss OS X so disdainfully? It comes with python preinstalled, making it more -readily- capable of running Volatility than Windows which he listed as one of the cross platforms to run it on. His answer of "not really" to whether Volatility can run on the Mac or not should have been "Yes, readily."-D