
campusCon at WIT

  • 06-12-2011 10:47pm
    #1
    Registered Users Posts: 579 ✭✭✭


    (developed from here)

    WIT hackers are proposing a security event for students and security professionals


    Date 21 January 2012
    Location WIT Carriganore campus

    Details of event

    This event is currently open to proposals for demos / projects / talks

    WIT hackers will provide -
    Chill out area
    Retro games area
    Project area
    Talks area
    Capture the Flag area

    Suggested 'donation' to cover rent / electricity / etc will be €5 per person

    Currently we are gearing up for approximately 30 people but will adjust based on the interest we receive



Comments

  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Will assist with the Capture the flag event, and I'll be happy to give a talk on SQLi/XSS :) Will chat to ye during the week Ed :)


  • Registered Users Posts: 579 ✭✭✭edmund_f


    Thanks for that, that would be great. At the moment this is a case that we are hoping that 'if we build it, they will come' so the success of the event will depend entirely on people like yourself helping out.

    So if you are reading this and have a cool project or talk you would like to do, feel free to get in contact.

    Question for the Mods, if one wanted to advertise this in the college subsections of boards.ie (e.g. UCC, UCD, UL etc etc) what would be the best way to go about it without spamming?

    Ed


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Send the details onto the computer societies of each college. I have a potential speaker lined up :) Won't be into you guys today as I've the flu, but I'll text Kev with the details.


  • Registered Users, Registered Users 2 Posts: 326 ✭✭schrodinger


    Sounds good, see you then.


  • Registered Users Posts: 579 ✭✭✭edmund_f


    See you there, Just confirmed the room out in Carriganore, looks perfect. Will start drafting some timetables shortly, so if anyone wants to present / demo anything let us know

    http://www.witsportscampus.ie


  • Registered Users, Registered Users 2 Posts: 10,339 ✭✭✭✭LoLth


    If you're going to advertise on fora, PM the mod of the forum first and ask them if it's ok. If they say yes (and they more than likely will) then include that you are posting with mod permission in the post.

    must look into the possibility of a security forum calendar so we can keep track of whats happening when....


  • Closed Accounts Posts: 1 KevaWIT


    Alright folks, I just put up a website for this. It has contact details etc on it. I'll try keep it updated as stuff happens. Anybody interested in getting involved can contact us via the website.

    Keva

    campuscon.hackingwit.com


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Site updated: http://campuscon.hackingwit.com

    3 speakers confirmed so far, anyone else willing to give a talk, or a project demonstration please get in touch. Please spread the word!


  • Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    The Events & Talks buttons both link to " http://campuscon.hackingwit.com/index.php# "
    dlofnep wrote: »
    Site updated: http://campuscon.hackingwit.com

    3 speakers confirmed so far, anyone else willing to give a talk, or a project demonstration please get in touch. Please spread the word!


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Yeah, I'm adding those sections later.


  • Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    The con is now been pimped justing ISDPodcast's upcoming event section :pac:

    ISD is a daily security podcast I've been listening to for over 2 years now, it's mainly US based but has some Irish and other EU listeners.

    http://www.isdpodcast.com/episode-547-naughty-french-visa-ellen-scam-big-5-manning


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Thanks for the free shout BZ ;)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Website updated.

    3 speakers confirmed - Still looking for more, so if anybody is interested in giving a talk - please contact us! Also, please spread the word wherever you can - computer societies, 2600, hackerspaces, etc..


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Another speaker confirmed! 4 in total now: http://campuscon.hackingwit.com/talks.php

    Seems to be gaining momentum now :)


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    If I can go along with some associates we might be able to give a talk/demo on either 802.11 security, LAN/client side exploitation taken to another level or malicious code obfuscation. Depends though, it is a fair distance, and I have other considerations to make... Would love to hit the CTF too :)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    That would be greatly appreciated. Drop me a line if you decide to join us. Where are you based?

    Also - We've added another speaker.

    Event so far is shaping up as follows.

    5 Talks
    • Introduction to SQL Injection.
    • Writing mobile applications with the cloud.
    • When I Grow Up I want to be a Cyberterrorist
    • The politics of security. What's being done about computer crime and why does it matter?
    • C/C++ must die. It's ground hog day.

    Events
    Team-based hacking challenge. A 3-layered challenge, which awards a team 5 points for each layer compromised. Maximum of 5 people per team. Winners get bragging rights, and whatever else we can muster up :)

    We will also have a few RC cars floating around for amusement, along with a digital forensics display, project areas, refreshments, beers, and much more!

    So make sure to mark Jan 21st down in your diaries, and spread the word. The more successful this event is, the more likely we are to make this event an annual one.


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    I am Galway based, and will know by Jan 2nd (not Jan 1st, will be crippled hungover) if I can make it.

    I will likely have a talk prepared on taking MITM/Client side/802.11 attacks to the "next level" (think karmetasploit style stuff, jasager, etc) and how it can be done. I just have to make powerpoint agree with me, test my Middler plugins and MSF aux modules, and then get it ready to roll :)

    If people want, I can always do a quick demo on malware obfuscation using simple bits of C, objdump and msfencode (what better shellcode encoder is there?), and perhaps some tricks for hiding payloads :) (It has been of great interest lately, hiding things...)

    Also, I *should* be able to bring along a few people... If anyone from Galway is going drop a line :)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Sounds most excellent :) If you can make it, it will be a great addition to the line-up.


  • Registered Users, Registered Users 2 Posts: 3,893 ✭✭✭Hijpo


    dlofnep wrote: »
    Another speaker confirmed! 4 in total now: http://campuscon.hackingwit.com/talks.php

    Seems to be gaining momentum now :)

    Is it open for anyone to attend or just WIT students?


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Hijpo wrote: »
    Is it open for anyone to attend or just WIT students?

    Open to anyone. The more the merrier :)


  • Registered Users, Registered Users 2 Posts: 3,893 ✭✭✭Hijpo


    dlofnep wrote: »
    Hijpo wrote: »
    Is it open for anyone to attend or just WIT students?

    Open to anyone. The more the merrier :)

    Niiiice, "donations" to be paid at time of entry or??


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Hijpo wrote: »
    Niiiice, "donations" to be paid at time of entry or??

    At the door I assume. Cost will be minimal. Will ask at the next meeting.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Entry fee is €5. That's just to cover our costs for refreshments. :)


  • Registered Users, Registered Users 2 Posts: 2,059 ✭✭✭Screaminmidget


    Thinking about heading to this if I can get a few more to go with me.


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    Right, I am working on the slides. Will ye have a projector machine that hooks up via VGA? Netbook I plan to bring only has VGA out. I'll make the powerpoints, write the code, and do up some nice videos covering some of the more interesting ways of owning people via 802.11 networks...

    Cannot think of a good name for it though, but the subheader says "in your switches reroutin your b*tches riches!".

    Basically, I start by covering basic MITM, then go "beyond standard MITM" and into the wild, whacky wonderland of client side ownage. Nothing groundbreakingly new, but some fun stuff and sample code for y'all to test out.

    Also, regarding the CTF.
    Are the following permitted?

    Web crawlers (to generate lists of URL's or to "feed" a proxy like Burp/RatProxy).
    Port Scanning (In my whole career, I never owned anything without nmapping it first).
    Directory "brute force" (trying to find the admin folder (if any) or phpmyadmin dir (if any) by using automated techniques.)
    Adding users to the box
    Potentially crashy local root exploit* (all local roots CAN CAUSE KERNEL PANIC AND BOX CRASH! So be aware of this!)

    Obviously rm -rf /* is not allowed, and I assume owning the competitors is not permitted either :P

    Oh, that other thing too... How the hell do I get to the place from the bus station or wherever I land? Will I just call someone/Wander aimlessly/look for a sign? Is there a pub nearby? And will CTF and talks be on @ same time?

    *I assume in the CTF... We should document EVERYTHING, no?

    **also, if you are gonna use some non x86 arch box, like, say, a SPARC box, PLEASE INSTALL GCC/CC ON IT. Seriously. I have seen experienced blackhats/pro's accidentally break their intended targets box by using an x86 compiled local root exploit on a SPARC box. No idea how it even ran in the first place, but the box didn't last very long.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Might be interesting topics for people to talk about, its something I have been experimenting with lately:

    Social Engineering Toolkit:
    http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_%28SET%29
    http://www.youtube.com/results?search_query=social+engineering+toolkit&nfpr=0

    Rogue/Fake AP's:
    http://www.youtube.com/results?search_query=fakeap&oq=fakeap&aq=f&aqi=g1&aql=&gs_sm=e&gs_upl=3945l4602l0l4835l6l5l0l0l0l0l241l902l0.3.2l5l0


    And using a combination of ettercap, airbase and SET (Social Engineering Toolkit) to create various interesting situations.

    e.g. you can re-direct all traffic on your network through you first, sniff logins of pages, even strip ssl out or use local certs.
    or use SET to actually clone the page you wanna steal credentials of in the first place and use dns_spoofing to make sure your user is re-directed to your cloned page that you are monitoring.

    Create a softap (wifi spot with wifi adpater), with no password and have people connect to that, you can perform the above then also! Or do various fun things like flipping the images for everyone who connects to your wifi spot, or those on your own network:

    http://g0tmi1k.blogspot.com/2011/04/video-playing-with-traffic-squid.html

    The possibilities are great, you just need to use your imagination using a combination of all the methods/features.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    infodox wrote: »
    Right, I am working on the slides. Will ye have a projector machine that hooks up via VGA? Netbook I plan to bring only has VGA out. I'll make the powerpoints, write the code, and do up some nice videos covering some of the more interesting ways of owning people via 802.11 networks...

    Cannot think of a good name for it though, but the subheader says "in your switches reroutin your b*tches riches!".

    Yup, we'll have a projector with a VGA connector. :)

    If you just want to pass me on a brief bio of yourself, and abstract of the talk - I can add it to the website.
    infodox wrote: »
    Also, regarding the CTF.
    Are the following permitted?

    Web crawlers (to generate lists of URL's or to "feed" a proxy like Burp/RatProxy).
    Port Scanning (In my whole career, I never owned anything without nmapping it first).
    Directory "brute force" (trying to find the admin folder (if any) or phpmyadmin dir (if any) by using automated techniques.)
    Adding users to the box
    Potentially crashy local root exploit* (all local roots CAN CAUSE KERNEL PANIC AND BOX CRASH! So be aware of this!)

    You won't require any brute force/dictionary attacks. It's doubtful you'll need any web-crawlers either. Exploits are fine, so long as they are manual. So basically, no autopwn with metasploit. No hammering the system, it won't be required. Once you get setup - you'll understand.
    infodox wrote: »
    Obviously rm -rf /* is not allowed, and I assume owning the competitors is not permitted either :P

    No :)
    infodox wrote: »
    Oh, that other thing too... How the hell do I get to the place from the bus station or wherever I land? Will I just call someone/Wander aimlessly/look for a sign? Is there a pub nearby? And will CTF and talks be on @ same time?

    There'll be drinks after the event. Depending on what time you get into the bus station, I can collect you if you're stuck. But it will have to be before the event starts, as my hands will be full after that. The location of the campus is on the website, and is about a mile from the city centre. Google maps location is here.
    infodox wrote: »
    *I assume in the CTF... We should document EVERYTHING, no?

    Yes, all teams will be required to document their efforts. That way we know if someone isn't cheating ;)
    infodox wrote: »
    **also, if you are gonna use some non x86 arch box, like, say, a SPARC box, PLEASE INSTALL GCC/CC ON IT. Seriously. I have seen experienced blackhats/pro's accidentally break their intended targets box by using an x86 compiled local root exploit on a SPARC box. No idea how it even ran in the first place, but the box didn't last very long.

    We won't be using any obscure OS or architecture, don't worry. Everything you'll need will be available.


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    Damo2k - I plan to cover fake AP's briefly along with standard MITM, then move on to KARMA and Airpwn methods with metasploit, evilgrade, etc. If a certain German ever emails me back with his code (I tried to replicate it without success so far, the .pdf I got from his talk broke the formatting so badly...) and I get a chance, I will be releasing a new EvilUpdateServer Metasploit Aux module.

    Autopwn for MSF, thankfully, has been deprecated. It was only useful as a teaching tool anyway - show people how NOT to do it (run an IDS along with a db_autopwn attack and show them how much noise it makes). It WAS useful for showing what exploits MIGHT work though.

    dlofnep - I will pass you the info tomorrow when I am online, sister wants the laptop for facebook :P

    I understand why no hammering - I ran a small CTF event at the local hackerspace a year ago (everyone rooted the box in 0.5 seconds - we left the real target box at home and had to use a DVL liveCD which had root:toor... Enough said?)

    The rules seem fairly simple to understand, though a suggestion - perhaps run Wireshark/TCPdump on the whole attack-network/victim box and then maybe burn the .pcap to a DVD after the event? I am sure some of us will want to see the traffic :P

    And thank god it aint gonna be some obscure box! I already am making assumption point of entry is via web... So the port scan is not REALLY useful (except to identify some of the more unusual log injection tricks).

    Thanks a million for setting this up :) (and for putting up with my over 9000 questions... There will doubtlessly be more soon!)

    Perhaps send an invite to the guys at Symantec Security Response in Dublin? I sent one to Brian Honan and @securityninja on twitter a while ago, so they *might* show. I will also email the guy at secured.ie in the morning :)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    That's grand man. I contacted OWASP - we're hoping for them to round up a few troops and send us a speaker also. Do you have the contact details for the Symantec lads? I've contacted all colleges and universities, so anyone else you could suggest would be most welcome.

    RE: Entry-point, there are 3 layers to compromise - so there is no one single way to accomplish it :) It is still not complete yet, so I can make it as complex as need be - but I want to try and find a healthy balance between those who are still getting their feet wet in security, and seasoned vets.


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    Re: CTF... Just a few pictures that I thought were funny and kinda reminded me about CTF.

    *laughs* lets hope nothing like this happens...
    0x0044.png

    Or, as for "hammering the server"...
    0x0096.png


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Just around the corner now ;)


  • Registered Users, Registered Users 2 Posts: 3,893 ✭✭✭Hijpo


    Turns out im working that saturday, any plans for stickin it on dvd or anything?


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    We're looking into recording the event, let me get back to you.


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    dlofnep I will send the confirmation email tonight, just working on how to get there (think I have a lift)

    Maybe its a good idea for all the speakers to provide their talks slides as .pdf or something as well? So everyone who misses out can download 'em. I will be providing a tarball of code (if the metasploit module ever works...) and putting the presentation up on slideshare + google docs just in case I rm -rf myself (today I deleted /usr/share/* by accident)

    Looking forward to this!! Will be good to meet some likeminded individuals...


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    infodox, if you can get to waterford early enough, i'll collect you from the station and bring you to the event :)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    10 days until the event, really looking forward to it now :)


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Event poster - print, share around universities if you can :)

    campuscon-poster-small.png


  • Registered Users Posts: 579 ✭✭✭edmund_f


    Posters up around WIT now


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Good man :) Did they print out ok?


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    One of the videos finally came out OK!

    MITM w/ ARP-Toxin and using Driftnet to sniff images.



    Blog Post: http://blog.infodox.co.cc/2012/01/mitm-w-arp-toxin-and-driftnet-video.html


  • Registered Users Posts: 579 ✭✭✭edmund_f


    that looks really cool, looking forward to seeing the whole thing


  • Registered Users, Registered Users 2 Posts: 10,339 ✭✭✭✭LoLth


    whats the best way to get to the con using public transport from Plunkett station? Is there a direct(ish) bus?


  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    Very slowly uploading it all to Google Docs 'cos my netbook and the fileformat are having disagreements.

    See the (so far uploaded) chunk here :)

    https://docs.google.com/present/edit?id=0ARcveSCckgmkZGR6Yno1ZzlfMGhxc203OWZo

    BTW, any advice, tips, etc are welcomed. I am still trying to get the FAKE-AP, Karma 2.0 and IPPON demos ready, just have to finish the preparations :D


  • Registered Users, Registered Users 2 Posts: 3,893 ✭✭✭Hijpo


    Any idea how long it will go on for?
    I could finish work at 5am, get some kip, go to that, get some kip and back to work for 9pm???


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Doors open at 9am, event finishes probably around 6pm - You obviously don't have to stay all day :)


  • Registered Users, Registered Users 2 Posts: 3,893 ✭✭✭Hijpo


    dlofnep wrote: »
    Doors open at 9am, event finishes probably around 6pm - You obviously don't have to stay all day :)

    How could i drag myself away from all this intrigue? :D


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    Hi everyone - CampusCon has been moved to the main WIT campus on Browne's Road, which will be easier for everyone to get to. You can get any bus in town directly to the Campus.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep




  • Registered Users, Registered Users 2 Posts: 126 ✭✭infodox


    I got myself transport to the venue, one hell of a drive so I am going for a nap once I am done with the video encoding from the last minute test of the code I just finished a beta of.

    I had to borrow some demo's from other people 'cos either A: my dhcp server was acting the maggot (stopping me from making my fake-ap and karma videos) or B: I had no test network when I HAD stuff running. But I am crediting the sources of the footage I used, and have sent the messages about it.

    I however might be able to remake my own versions between now and sleep as I have 2 laptops and a LAN on which to test...

    SO excited for tomorrow :D I will be releasing the beta of my MITM utility there, and showcasing some other people's work that I found amazing, as well as showing some creepy ideas...

    // TEASER OF SOFTWARE //



  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    CampusCon was great. Thanks to everyone who came. Shattered tired now, sleep time!

