Sunday, October 30, 2011

The Game

So I hope everyone liked the food I smuggled into the lab since that was the challenge I drew.
If you want the recipes for any of the components of that dish let me know.
Till then ta my darlings,
Magenta

Thursday, October 27, 2011

Chapter 7

Please read Chapter 7 and do Activities 7-2, 7-4, 7-5 for Tuesday, November 1.  Please email a screen shot or two for each one by Tuesday BEFORE class starts.

Tuesday, October 25, 2011

Access to a restricted area.


I originally posted this as a comment, so this is the cut and paste. I accomplished it immediately following last Thursday's class. My task was, basically, to gain access to a restricted area.

I immediately figured I would use the fact that all summer I have been a regular fixture at some of the behavioral labs at MIT, taking part in various studies as a subject. The last one I did ended in September. I had no specific plan of where to end up. Yet, the door was locked today. I lurked a bit and was rewarded - out came an academic, and in I went. Nobody was in the locked lab. A janitor was wheeling down the hall, talking on the phone. I followed him through a locked door and....found myself in the basement! I wandered a bit. It went under several buildings. I passed a number of grad students walking through with data that they were poring over, wearing badges, so I took out my badge holder (with my T pass and bank card and BHCC ID in it), and let it dangle from my necklace. Professor types passed me as well, and this time I was acknowledged - but not questioned. Various janitors walked past me. They even saw me taking pictures, but said nothing. I wandered into the front area of an occupied mail room, and snapped some pics (mind you, packages in reach that I could easily have taken or messed with if I had been malicious)...I wandered out to the shipping and receiving bay, and there was the ONLY place that I was stopped and sent back...I claimed I couldn't find the mailroom and was shown the way. I took pics of various piles of junk, like stripped computers, in a few side areas, and some creepy basement corners. Eventually I wandered out of a totally different building than I entered, apparently one of the clinical research areas. I also wandered out WITH someone...I had started a conversation with a random person walking by when it seemed I was spotted by security after all, about the book he was carrying (The Chomsky-Foucault Debate: On Human Nature, for the curious)...and made a show of gestures that might be mistaken for familiarity from a distance, and it worked. I walked out with the gentleman.

One thing that seemed very, very common - many, many people were on phones. Mostly using it visually - texts and data - only two people chatting (shipping dock guy and janitor). This made it VERY EASY to do this task.

Here are the pictures! Nothing more than quick snaps, some are blurry, but you get the idea. :)


https://plus.google.com/photos/115946097789758291346/albums/5665928144813762033

Ultimate Failure

Ms. Magenta has caused a failure due to forgetfulness/laziness.

Midnight Lover you have successfully avoided an evil hyper complex and specific plot to give to you an item of sure death and destruction, AN M&M COOKIE GIVEN TO YOU BY SOMEONE OTHER THAN ME.

My first adventure

Ok ok so it was an easy one, all I had to do was to get someone to bring me a treat, something everyone should be doing anyways. Crimson was so sweet to smuggle some M&M's into the lab for me while one of the judges was watching and almost gave me away, shame on you! Although I didn't get much of the work done I told Crimson I was doing to get her to fetch and carry for me I was able to later chat up one of the labdrones and got the number 3 PC fixed a bit faster :)
That's all for me for today I still have papers to write, software to code, and maybe a cake to bake.
Ta Darlings!

Find out the name (first & last) of a person (fellow player) lives with.

Target: Ms Magenta
A**x Rock

The Game

What, no posts of hacks in the game?  Was everyone simply too busy to try to win hack points this weekend?  Don't forget your hacks expire at the beginning of class today and you will be able to select new ones. 

Thursday, October 20, 2011

Wednesday, October 19, 2011

Tuesday, October 18, 2011

The Game is a Foot...

Or it will be Thursday but we still need a name so post it here.

Chapter 6 Homework

Please complete all the exercises from the textbook from Chapter 6 and submit screen shots demonstrating the work by next Tuesday, October 25.  For most, if not all, of the exercises you will need to use the virtual environment to complete the work.  Make sure to schedule yourself a lab session and get to work!

Sunday, October 16, 2011

Hacking and Voting Machines

http://www.thenewamerican.com/usnews/politics/9330-electronic-voting-machines-proven-vulnerable-to-hacking

A friend sent me this link. He threw this at me as an idea for a potential "group project" (I'm not sure in what manner this could be explored, exactly, but I'm intrigued), and to check out the embedded blue links in the texts. Also, he sent the fixed URL for the video link on the page that was broken -

http://www.youtube.com/embed/6ClrHPShljM

Saturday, October 15, 2011

Security researcher sued for disclosing flaw

An interesting article I found about a security researcher in Australia who did find and disclose a vulnerability, but the company is claiming he ran afoul of a computer crimes act.

http://www.scmagazine.com.au/News/276780,security-researcher-threatened-with-vulnerability-repair-bill.aspx

Illustrates the need for security professionals to not only know their laws, but to ask before doing any testing and have a contract in writing.  Although I think the company should be grateful that he found it and not a malicious hacker...the actual 'test' didn't involve anything particularly complex.

Cell Phone Hack Technique

http://youtu.be/zaxYmm0XwTQ

A fairly simple way to bypass the need for passwords with some cell phone voicemail accounts.

...mostly, I posted this because this shows something fairly invasive and that might lead to more data. This can be done if anyone managed a simple social engineering feat that results in a phone number. I showed this video to a friend who was having a chuckle when I was telling her of our Social Engineering assignments, and she commented "Seriously, how much damage can be done if you just get a phone number? People give those out everyday."

Well, there you go.

Friday, October 14, 2011

SEAN? Anyone?

I'm missing something? Or do I have brain damage, or something... I'm still having issues with the assignments, I haven't gotten past the ping sweep! Sean, if you can give me that run through again? And checking one more time, in case I'm confused...these are done on the virtual environment, yes? Man, I am feeling a bit stupid here, but I'm not going to move along faster if I don't ask for help, so I am. I'm flailing. I keep getting this error, so I'm sure I'm messing up the IP range, syntax, SOMETHING.

Thanks. :/

Wednesday, October 12, 2011

Tuesday's challenges!

On Tuesday, I gave each one of you an individual social engineering challenge.

Post the results of your attempt to conquer your challenge here, by noon on Thursday!

Remember, you all also had to do the "Eight ball in the corner pocket" challenge of getting someone to go somewhere of your choice...i.e. to sit somewhere, or, in Orlando's modification, to park somewhere!

We'll talk about both in class on Thursday!

More social engineering fun (post-Thursday)

All right, team! I don't know what you've done yet in response to Tuesday's challenges, but here's something I want you to try.

Get someone you don't know to ASK, face to face (Karl..), for your phone number, email address, etc. Don't just give it to them outright, make them ask for it. You can make them work really hard for it if you want to, or you can give them a really lovely primrose path, (i.e. "We should stay in touch! ")

Everybody has to try. Who's going to be the first one to conquer this one? Comment!


Social Engineering tactics homework

1.
Eight ball in MY preferred corner pocket...too easy! Sat in the computer lab area outside our class, I was in between two empty seats, girl walks up and tried to sit to my right. I told her there was a virus on that PC, so she sat to my left.


2.
Construction going on around my building, I walked through my alleyway and noticed a construction truck with the driver parked on a private parking spot. I told him that I owned the spot (which I don't) and kindly requested him to move. He agreed and did so.

Tuesday, October 11, 2011

Hypnosis and Social Engineering

An interesting post I found just now on The Ethical Hacker Network (great website overall) about how hypnosis doesn't work as well for social engineering as one might be led to think.

http://www.ethicalhacker.net/content/view/366/24/

Eight Ball in the Corner Pocket

Right so done with that one :)

Project 8 - Decoy Scan


Decoy Scan Using nmap

Exercise 1: In this exercise, you’ll use nmap to perform a decoy scan, which mixes your IP address with bogus IP addresses (using the -D option):

1. From a BackTrack shell, type the following (type only the command after the # prompt, on one line):
user1@pentest:~# nmap -n -D192.168.1.5,10.5.1.2,me,172.1.2.4 target_IP_address > /root/ceh/decoy_scan

Syntax breakdown:
nmap: program name
-n: program option to never resolve DNS names
-D192.168.1.5,10.5.1.2,me,172.1.2.4: program option to cloak your scan with the supplied bogus and real IP addresses (me marks the position of your own address in the list)
target_IP_address: the IP address of the target system
> /root/ceh/decoy_scan: redirect the output to a file called decoy_scan in the /root/ceh directory

2. Examine your results:
user1@pentest:~# cat /root/ceh/decoy_scan | less


3.  Email your results to proflheureux@gmail.com.
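From the target's side, a decoy scan shows up as several source addresses probing the same ports at nearly the same instant. The sketch below is an added example, not part of the course material: it groups SYN log entries by destination port and time window and reports source sets that move together. The log format, the 198.51.100.23 and 203.0.113.x addresses, and the thresholds are assumptions; the decoy addresses are the ones from the lab command.

```python
import re
from collections import defaultdict

# Constructed log (assumed format): "<seconds> SRC=<ip> DST=<ip> DPT=<port> SYN".
# Three decoys from the lab command plus a placeholder for the real scanner.
SOURCES = ["192.168.1.5", "10.5.1.2", "198.51.100.23", "172.1.2.4"]
LOG = [f"{100 + i * 0.2 + j * 0.001:.3f} SRC={s} DST=192.0.2.10 DPT={p} SYN"
       for i, p in enumerate([22, 80, 443, 445]) for j, s in enumerate(SOURCES)]
LOG += ["12.500 SRC=203.0.113.40 DST=192.0.2.10 DPT=80 SYN",    # unrelated client
        "100.210 SRC=203.0.113.41 DST=192.0.2.10 DPT=443 SYN"]  # unrelated client

LINE = re.compile(r"^(?P<t>\d+\.\d+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
                  r"DPT=(?P<dpt>\d+) SYN$")


def parse(lines):
    """Yield (time, src, dst, dport) for every line that matches the format."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield float(m.group("t")), m.group("src"), m.group("dst"), int(m.group("dpt"))


def bursts(hits, window):
    """Split (time, src) hits into clusters that start within `window` seconds."""
    cluster = []
    for t, src in sorted(hits):
        if cluster and t - cluster[0][0] > window:
            yield cluster
            cluster = []
        cluster.append((t, src))
    if cluster:
        yield cluster


def decoy_groups(lines, window=0.05, min_sources=3, min_ports=3):
    """Return {(dst, frozenset(sources)): ports} for source sets that probe
    the same ports of one target together. Heuristic: the real scanner is
    somewhere in the set, but this alone does not say which member it is."""
    by_port = defaultdict(list)
    for t, src, dst, dpt in parse(lines):
        by_port[(dst, dpt)].append((t, src))
    groups = defaultdict(set)
    for (dst, dpt), hits in by_port.items():
        for cluster in bursts(hits, window):
            srcs = frozenset(src for _, src in cluster)
            if len(srcs) >= min_sources:
                groups[(dst, srcs)].add(dpt)
    return {key: sorted(ports) for key, ports in groups.items()
            if len(ports) >= min_ports}


if __name__ == "__main__":
    for (dst, srcs), ports in decoy_groups(LOG).items():
        print(dst, sorted(srcs), ports)
```

The two unrelated clients in the constructed log are ignored because they never probe in step with the other sources.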

Project 7 - Port Scanning Using TCP


TCP SYN Scan Using nmap


Let's build on this common port scan so that your actions are stealthier.


In the next example, you will add two additional options, -g and -p. The -g option specifies the source port on the scanning machine (your system). The most common option to use here is port 80 (because it's allowed through most border network devices). The -p option sets the ports on the target system to scan.


Exercise 1: TCP SYN scan:


1. Using the -sS flag option, you will send the target system a SYN packet. Upon receiving the SYN/ACK from the target system, your system will not respond with an ACK packet (which would complete the 3-way handshake). Instead, your system will respond with a RST packet, and the port is considered open. If you receive an RST/ACK packet from the target system instead of a SYN/ACK, it indicates that there is not a running process on that port, or the process running on the port is not listening for connections.

2. The syntax to perform a TCP SYN scan is (type only the command after the # prompt, on one line):
user1@pentest:~# nmap -sS -vv -g 80 -p 80,88,135,139,389,445 target_IP_address > /root/ceh/syn_scan

Syntax breakdown:
nmap: program name
-sS: program option for TCP SYN scan
-vv: program option for double verbose output
-g 80: program option that specifies the source port on the scanning machine (your system)
-p 80,88,135,139,389,445: specifies the ports on the target system to scan
target_IP_address: the IP address of the target system
> /root/ceh/syn_scan: redirect the output to a file called syn_scan in the /root/ceh directory


3. Examine your results:
user1@pentest:~# cat /root/ceh/syn_scan | less

4. Record your results:  PORT STATE SERVICE


5. Repeat steps #2-3 using a different target IP address and different destination port numbers


6.  Email your results to proflheureux@gmail.com.
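What the exchange in step 1 looks like to a defender reading packet summaries, as an added example that is not part of the course material: it classifies each TCP conversation by its flag sequence, reports sources that leave handshakes half-open across several ports, and flags initial SYNs whose source port is 80. The packet tuples, addresses and the three-port threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed packet summaries: (src, sport, dst, dport, TCP flags).
# All addresses are documentation-range placeholders, not lab values.
PACKETS = [
    # Ordinary client: full three-way handshake to port 80.
    ("198.51.100.7", 51000, "192.0.2.10", 80, "S"),
    ("192.0.2.10", 80, "198.51.100.7", 51000, "SA"),
    ("198.51.100.7", 51000, "192.0.2.10", 80, "A"),
    # SYN scan sent from source port 80: open ports get RST, never ACK.
    ("203.0.113.5", 80, "192.0.2.10", 80, "S"),
    ("192.0.2.10", 80, "203.0.113.5", 80, "SA"),
    ("203.0.113.5", 80, "192.0.2.10", 80, "R"),
    ("203.0.113.5", 80, "192.0.2.10", 445, "S"),
    ("192.0.2.10", 445, "203.0.113.5", 80, "SA"),
    ("203.0.113.5", 80, "192.0.2.10", 445, "R"),
    # Closed port: the target answers the SYN with RST/ACK.
    ("203.0.113.5", 80, "192.0.2.10", 88, "S"),
    ("192.0.2.10", 88, "203.0.113.5", 80, "RA"),
]


def classify_flows(packets):
    """Return {(initiator, target, dport): state} from the flag sequence."""
    state = {}
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if flags == "S":
            state[fwd] = "syn"                      # handshake starts
        elif state.get(rev) == "syn" and flags == "SA":
            state[rev] = "synack"                   # port is open
        elif state.get(rev) == "syn" and "R" in flags:
            state[rev] = "closed"                   # RST/ACK from the target
        elif state.get(fwd) == "synack" and flags == "A":
            state[fwd] = "established"              # handshake completed
        elif state.get(fwd) == "synack" and "R" in flags:
            state[fwd] = "half-open"                # torn down instead of ACKed
    return {(s, d, dp): st for (s, _sp, d, dp), st in state.items()}


def syn_scan_suspects(packets, min_ports=3):
    """Sources with half-open or refused handshakes on >= min_ports ports."""
    probed = defaultdict(set)
    for (src, dst, dport), st in classify_flows(packets).items():
        if st in ("half-open", "closed"):
            probed[(src, dst)].add(dport)
    return {k: sorted(v) for k, v in probed.items() if len(v) >= min_ports}


def bare_syn_from_service_port(packets, service_ports=(80,)):
    """Initial SYNs (no ACK bit) whose source port is a service port, the
    pattern -g 80 produces; genuine web-server replies always carry ACK."""
    return sorted({(src, dport) for src, sport, _dst, dport, flags in packets
                   if flags == "S" and sport in service_ports})


if __name__ == "__main__":
    print(syn_scan_suspects(PACKETS))
    print(bare_syn_from_service_port(PACKETS))
```

A stateful filter, or a rule that admits source-port-80 traffic only when the ACK bit is set, removes the gap in border filtering that the -g 80 option relies on.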



Project 6 - Port Scanning Using UDP


UDP Scan Using nmap

In this lab, you will use the nmap -sU option to perform a UDP scan.


With this scan type, nmap sends 0-byte UDP packets to each port on the target system. Receipt of an ICMPv4 Destination Unreachable/Port Unreachable (Type 3, Code 3) message signifies the port is closed; otherwise it is assumed open.


One major problem with this technique is that when a firewall blocks outgoing ICMPv4 Type 3, Code 3 messages, the port will appear open. These false positives are hard to distinguish from real open ports.


Another disadvantage with UDP scanning is the speed at which it can be performed. Most OSes limit the number of ICMPv4 Type 3, Code 3 messages which can be generated in a certain time period, thus slowing the speed of a UDP scan. nmap adjusts its scan speed accordingly to avoid flooding a network with useless packets.


NOTE: Microsoft OSes do not limit the ICMPv4 Type 3, Code 3 error generation frequency, thus making it easier to scan a Windows machine's 65,535 UDP ports in very little time.
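The inference rule and its two failure modes can be seen in a small model. This is an added example, not part of the course material and not nmap's code: the Host class, the one-error-per-second limit, the probe rates and the port numbers are assumptions, and retransmissions are left out.

```python
"""Model of UDP port-state inference from ICMP errors (illustrative only)."""

ICMP_PORT_UNREACH = (3, 3)  # ICMPv4 Type 3, Code 3


class Host:
    """Constructed target that answers closed UDP ports with ICMP 3/3."""

    def __init__(self, open_ports, icmp_per_sec=None, firewall_drops_icmp=False):
        self.open_ports = set(open_ports)
        self.icmp_per_sec = icmp_per_sec          # None = no rate limit
        self.firewall_drops_icmp = firewall_drops_icmp
        self._next_allowed = 0.0                  # earliest time for the next error

    def probe(self, port, now):
        """Return ICMP_PORT_UNREACH, or None when nothing comes back."""
        if port in self.open_ports:
            return None                           # listener: no ICMP error
        if self.icmp_per_sec is not None:
            if now < self._next_allowed:
                return None                       # error suppressed by the limiter
            self._next_allowed = now + 1.0 / self.icmp_per_sec
        if self.firewall_drops_icmp:
            return None                           # error filtered on the way out
        return ICMP_PORT_UNREACH


def scan(host, ports, probes_per_sec):
    """Rule from the text: ICMP 3/3 means closed, silence is assumed open."""
    assumed_open = []
    for i, port in enumerate(ports):
        reply = host.probe(port, now=i / probes_per_sec)
        if reply != ICMP_PORT_UNREACH:
            assumed_open.append(port)
    return assumed_open


def false_positives(host, ports, probes_per_sec):
    """Ports reported open that have no listener behind them."""
    return [p for p in scan(host, ports, probes_per_sec)
            if p not in host.open_ports]


if __name__ == "__main__":
    ports = list(range(1, 1001))
    listeners = {53, 123, 161}
    cases = {
        "no limit, 100 probes/s": (Host(listeners), 100),
        "1 error/s, 1 probe/s": (Host(listeners, icmp_per_sec=1), 1),
        "1 error/s, 100 probes/s": (Host(listeners, icmp_per_sec=1), 100),
        "ICMP filtered": (Host(listeners, firewall_drops_icmp=True), 100),
    }
    for name, (host, rate) in cases.items():
        print(f"{name}: {len(false_positives(host, ports, rate))} false positives")
```

In this model a scanner that outruns the target's ICMP limit reports almost every closed port as open, which is why the scan has to slow to the limiter's pace; at an assumed one error per second, confirming 65,535 closed ports takes about 18 hours.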

Exercise 1:

1. From a BackTrack shell, type the following (type only the command after the # prompt):
user1@pentest:~# nmap -sU -v target_IP_address > /root/ceh/udpscan

Syntax breakdown:
nmap: program name
-sU: program option for UDP scan
-v: verbose mode
target_IP_address: the IP address of the target system
> /root/ceh/udpscan: redirect the output to a file called udpscan in the /root/ceh directory


2. Examine your results:
user1@pentest:~# cat /root/ceh/udpscan | less


3. Repeat steps #1-2 using different target IP addresses. Compare your results.


4.  Email your results to proflheureux@gmail.com.


Project 5 - Ping Sweeps



Network Ping Sweeps Using nmap


Nmap ("Network Mapper") is a free and open source utility for network exploration and/or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.


Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.


It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.


Exercise 1:


1. From a BackTrack shell, type the following (type only the command after the # prompt):
user1@pentest:~# nmap -sP -v class_IP_range/24 > /root/ceh/ps1


Syntax breakdown:
nmap: program name
-sP: program option for ping sweep
-v: verbose mode
class_IP_range/24: replace class_IP_range with the network block to scan (e.g., 10.10.10.0/24)
> /root/ceh/ps1: redirect the output to a file called ps1 in the /root/ceh directory


2. Examine your results:
user1@pentest:~# cat /root/ceh/ps1 | less


3. In the output, look for the text “Host is up” and record these systems’ IP addresses.


4.  Email your results to proflheureux@gmail.com.


hi guys....this is Marie

I'm posting this here because I know Monica and Jamie will get it this way :)

I won't be in today, so if I missed anything huge, let me know? I fell on my front stairs last night and spent 12 hours in the hospital getting repeated CAT scans, because I had a VERY nasty concussion and a head wound. If it is needed for any reason, I have the hospital paperwork. They have me on a week of anti-seizure meds so I'm not feeling so hot. They suggested I spend most of today resting, so...I will be. Thanks! Sorry for the unusual approach of communication, but at least I know the message will get to the right people.

Thursday, October 6, 2011

micro expression

http://www.social-engineer.org/framework/Psychological_Principles:_Micro-Expressions

In case you are not familiar with this, it is being able to detect minute, FAST expression and hints in body language that help you to read a person, and the intent they have, as well as recognize trust, and lying. Works well with NLP if you have the knack.

Chapter 4 and 5 Homework

Complete Activities 4-1 through 4-6, and Activities 5-1 through 5-4 at home using the BackTrack CD that comes with the textbook.  Use screenshots or snips to demonstrate that you completed each activity.  These assignments will be due on the date of the exam for these Chapters.

Your target cannot be anyone you already know.


1. Get someone's workplace.

2. Get someone to stay on the train or get off the train at a different stop than they planned.

3. Get someone to buy you something.  It can be a drink or food item but doesn't have to be.  Try really hard not to just ASK them outright to buy you something.

4. Find out someone's commute--times, trains, car route, etc. 

5. Get someone's phone number.  Pretexts are helpful here. 

6. Get someone's schedule tomorrow, down to the hours. 

7. Follow a target for at least ten blocks in downtown Boston without the target's noticing.

8. Get someone to ask for YOUR phone number.  Don't just give it to them; make them ASK.

9. Get someone to go somewhere with you where THEY WEREN'T PLANNING TO GO.







Reply to this BY MONDAY:
Post a comment to this post.  Find a YouTube/Vimeo/etc. clip from a movie or TV show illustrating social engineering, defined as gathering information or manipulating people IN FACE-TO-FACE situations or on the phone.  (No porn, please.)  Identify the techniques of social engineering you see in the clip.  What makes them effective?  How would you use those techniques in your life?

Project 4

What You Will Need

·         A computer running Windows 7 (or Windows XP, or Vista)
·         Administrator privileges
·         The instructions assume you are using Windows 7

Downloading and Installing the Gnu Privacy Guard

1.             The Gnu Privacy Guard is a software package that generates keys and encrypts data.
2.             Open a Web browser and go to ftp://ftp.gnupg.org/gcrypt/binary
3.             Scroll down and find the latest Windows version--when I wrote this, it was gnupg-w32cli-1.4.9.exe.
4.             Download the EXE file.  Save the file on your desktop.
5.             On your desktop, double-click the installer file and install the software with the default options.

Enabling IMAP

6.       Log on to Gmail.
7.             IMAP is Internet Message Access Protocol, and we will use it to connect Thunderbird to Gmail.
8.             You should now be logged in to Gmail. On the upper right, click Settings.
9.         On the Settings page, click "Forwarding and POP/IMAP".  In the "IMAP Access" section, click "Enable IMAP", as shown to the right on this page.  Click "Save Changes".

Downloading and Installing Thunderbird

11.         Thunderbird is an email client.
12.         Open a Web browser and go to getthunderbird.com
13.         Click the "Free Download" button, as shown to the right on this page.  Download the software and install it with the default options.

Configuring Thunderbird

14.         After installation, Thunderbird launches automatically.
15.         In the "Import Settings and Mail Folders" box, check the "Don't import anything" box and  click Next.
16.         In the "Mail Account Setup" box, enter the requested information and click Continue.  Note: if you are using a real email account on a public computer, don't check the "Remember password" box.
17.         Thunderbird should automatically configure your email account, so both the Incoming and Outgoing mail servers show green dots, as shown to the right on this page.  If that doesn't work, check your user name and password.
18.         When both dots are green, click the "Create Account" button.
19.         In the "System Integration" box, click OK.
20.         You should now see your inbox in Thunderbird.

Installing Enigmail

21.         Enigmail is a Thunderbird add-on that allows you to use Gnu PG to encrypt your email.
22.         At the top of the Thunderbird window, click Tools, Add-ons.
23.         In the Add-ons box, type enigmail into the search box and press Enter.  Enigmail is found, as shown to the right on this page.  Click the "Add to Thunderbird…" button.
24.         Click the "Install Now" button.  Wait while the software downloads and installs.
25.         When you see the "Install Complete" message, click the "Restart Thunderbird" button.

Using the Enigmail Key Generation Wizard

26.         At the top of the Thunderbird window, click OpenPGP, "Key Management"
27.         In the "Welcome to the OpenPGP Setup Wizard" box, click Next.
28.         In the Signing box, click Next.
29.         In the Encryption box, click Next.
30.         In the Preferences box, click Next.
31.         In the "Create Key" box, type a passphrase of your choice into both boxes and click Next.
32.         In the Summary box, click Next.
33.         A "Key Creation" box appears.  You need to use your computer for something else for a while to create randomness.  When the key management process is done, you will see an "OpenPGP Confirm" box, as shown below on this page.
34.         Click Skip.  Click Finish.

Publishing Your Public Key

35.         No one can send you encrypted email unless you put your public key on a server where people can find it.
36.         In the "OpenPGP Key Management" window, type your email address into the search box.  Your key should appear in the lower pane, with a Key ID, as shown below on this page.
37.         Right-click your key ID and click "Upload public keys to keyserver". 
38.         In the "Select Keyserver" box, click OK.

Importing Proflheureux's Public Key

39.         In the "OpenPGP Key Management" window, click Keyserver, "Search for Keys". 
40.         In the "Select Keyserver" box, type proflheureux@gmail.com and click OK.
41.         A "Found Keys" box pops up.  Check proflheureux@gmail.com and click OK.
42.         In the "OpenPGP Alert" box, click OK.
43.         Your "OpenPGP Key Management" box should now show two keys: one for you, and one for Sam.  Close the "OpenPGP Key Management" box.

Sending an Encrypted Email

44.         In Thunderbird, click the Write button.
45.         Compose an email to these two recipients:
·                proflheureux@gmail.com
·                Yourself at any email address you use
46.         Enter a Subject of "Project 4 from YOUR NAME", replacing YOUR NAME with your own name.
47.         Put some text in the body of the message, such as "Hello!".
48.         On the menu bar, click OpenPGP, "Encrypt Message".
49.         Click Send.
50.         In the "OpenPGP Key Selection" box, click OK.
51.         In the "OpenPGP Confirm" box, click Continue.
52.         You're done.

Wednesday, October 5, 2011

Social Engineering

To follow up from Tuesday's workshop, yesterday I decided to walk my dog and hack (not to confuse with vomit) on the vulnerable. I used my dog to approach a female who was walking her dog. I started with small talk about her dog and then the conversation grew further in regards to our neighborhood.

To make the long story short, she provided her name, address and gave me her phone number. When I told her that I was married, she replied "just in case you have second thoughts".

Ok WTF!!! This little hacking adventure of ours, will get me into some trouble!!

I can only thank my dog for the help :)