Wednesday, November 30, 2011

Uplink--hacking simulation game

I haven't played it yet, but downloaded it this morning as part of the newest Humble Indie Bundle (set your own price for a pack of independent games that are completely DRM-free)

http://www.introversion.co.uk/uplink/

Thursday, November 24, 2011

Tag

Oooo tie a paisley ribbon on the Dark man's car,
It's been one long game and I keep picking on his car...

Luvs ya,
Ms.M

Movie Night

Ok so I'm a dope.
For those coming to movie night please change the 6 on the invitation to a 16.
Hope to see you all there,
Corey

Monday, November 21, 2011

IMPORTANT REMINDERS!!!

The Chapters 7, 8, 9 and 10 test will be tomorrow (Tuesday, Novem,ber 22) in class.  The test will be based on the content compiled from the presentations given on Thursday.  It will include a hands on component using the virtual environment that will be based on something you had to complete for homework from the chapters.

Also, Project 9 and Chapters 7, 8, 9 and 10 homework is also due tomorrow (Tuesday, November 22).  Chapters 7, 8 and 10 are technical screenshots, while Chapter 9 is research based screenshots.

The class immediately following Thanksgiving break, Tuesday, November 29 there will be no class due to Professional Development Day for faculty.  We will resume for our final less three weeks on Thursday, December 1.

Thursday, November 17, 2011

http://www.youtube.com/watch?NR=1&v=YiBMLp2Ows8

Did you enjoy the Tooth rotting Candy

I hope you enjoyed the free candy, Jolly Ranchers are irresistible. It contained a new formula developed by a secretive group of dentists.

Social Engineering done, get Tooth rotters into the class room and get the majority of people to have at least one.

Wednesday, November 16, 2011

Stop Online Piracy Act....could Stop Online Participation

Essentially, only 'content owners' can post material; by 'content owners' they mean **AA, et al.

Much farther-reaching than the title of the bill lets on.  This could effectively outlaw software like VPN, TOR, etc.  This is scary; China is currently less restrictive.

It seems like if anyone disagrees with anything online, all they would need to do is post a link to torrents or warez on the blog/forum/site.

http://www.itworld.com/security/224681/sopa-sponsors-deride-criticisms-myths

There are many. many more links on this abomination.

Tuesday, November 15, 2011

Project 9: Windows Password Cracking with Cain and Abel

What You Need
A Windows XP machine with administrator access (real or virtual)

Creating Passwords to Crack
1.             Click Start, right-click My Computer, and click Manage.  In Computer Management, in the left pane, expand the Local Users and Groups container.
2.             In the left pane of Computer Management, click the Users container.  You should see some accounts in the right pane, as shown below on this page.

Creating Test Accounts
3.             In the left pane of Computer Management, right-click Users and click New User.
4.             In the NewUser box, enter user name of P3 and a password of abc, and click Create.  The check boxes in the lower section of the New User box don’t matter, because no one will really be using these accounts.
            P1        abcde
            P2        123
            P4        password


5.             Repeat the process to create the three accounts above.

Installing Cain
6.             On the virtual machine's desktop, open a browser and go to oxid.it
7.             In the upper left, click Projects.
8.             Scroll down past the disclaimer and click "Cain & Abel".
9.             Scroll down and click "Download Cain & Abel v4.9.25 for Windows NT/1000/XP".  (The version number may be higher now.)  Save the installer on your desktop.
10.         Double-click the installer.  Install the software with the default options.  It will install WinPCap as well as Cain & Abel.

Installing Abel
11.         Cain is the password cracker, and Abel is the process that harvests the hashed passwords from the Windows machine.  You normally install Abel on the target machine, but we'll just install it locally.
12.         Click Start, Programs, Accessories, Command Prompt.
13.         Type in the following command and press the Enter key:
copy \"program files"\cain\abel.exe \Windows
This command copies the Abel installer to the C:\Windows folder.
14.         Type in the following command and press the Enter key:
copy \"program files"\cain\abel.dll \Windows
This command copies the Abel DLL file to the C:\Windows folder.  This file is the actual service.
15.         Type in the following command and press the Enter key:
cd \Windows
This command changes the working directory to C:\Windows.
16.         Type in the following command and press the Enter key:
abel
This command installs the Abel service.  A box pops up saying "Abel service has been installed successfully!"  Click OK.
17.         Type in the following command and press the Enter key:
services.msc
18.         The Services window appears.  At the top of the right pane, right-click Abel and click Start.  In the top line of the right pane, you should see the Abel service with a Status of Started, as shown below on this page.

Finding your Computer's IP Address
19.         Click Start, Run.  Type in CMD and press Enter.  In the Command Prompt window, type IPCONFIG and press Enter.  Find your IP address.

Collecting Password Hashes With Cain
20.         Double-click the Cain icon on the desktop.  Click the Cracker tab.
21.         In the center of the window, right-click and click "Add to list". 
22.         In the "Add NT Hashes from" box, click Next.
   
Cracking Passwords
24.         In the right pane, right-click P3, point to "Brute-Force Attack", and click "NTLM Hashes", as shown below on this page.  Note: we are cracking the NTLM hashes, not the old, weak LM hashes.  The NTLM hashes are much more difficult to crack, so it will only work for short passwords.
25.         In the "Brute-Force Attack" box, click the Start button.  It should find the three-letter password immediately.  Close the "Brute-Force Attack" box.
26.         In the right pane, right-click P5, point to "Brute-Force Attack", and click "NTLM Hashes".
27.         In the "Brute-Force Attack" box, click the Start button.  It should find the five-letter password within a few seconds.  Close the "Brute-Force Attack" box.
28.         In the right pane, right-click P7, point to "Brute-Force Attack", and click "NTLM Hashes".
29.         In the "Brute-Force Attack" box, click the Start button.  The seven-letter password is hard to crack, however– no answer appears immediately.  It might take a long time to crack, so we'll give up.  Click the Stop button.  Click the Exit button.
30.         You should see the two passwords you found, abc and abcde, in the NT Password column of the Cain window.

Saving the Screen Image
31.         Press the PrntScn key to copy whole screen to the clipboard.  Open Paint and paste in the image.  Save it as a JPEG, with the filename Your Name Proj 9.

Turning in your Project
32.         Email the JPEG image to me as an attachment. 
33.         This is due Tuesday, November 29.

Chapter 7, 8, 9 and 10 Test

The test on these 4 chapters will be next Tuesday. November 22.  The content of the exam will be based on the concepts you presented in class this Thursday, November 17.  The exam will include a Hands-On component using the virtual environment similar to the homework exercises from the chapters.

Chapter 9 and 10 Homework

Chapter 9 and 10 Exercises from the book are due next Tuesday, November 22. 

On Thursday (11/17)

THE PLAN!

Comrade Crimson, Ms. Magenta, and Captain Seafoam Green will present on Chapter 7
Midnight Lover will present on chapter 8
General Angry Red and Professor Purple will present on chapter 9
Dr. Ultraviolet and Mustache Man will present on chapter 10.

You have 10-15 minutes PER CHAPTER to present. You are, effectively, teaching the chapter. Like professors, you need to choose what you think are the most important ideas in the chapter, and find an ENGAGING way to convey them to your classmates. DO NOT BE BORING. Also, make sure you choose not just the ideas you happen to find most interesting (alas, teaching isn't just about the stuff the teacher thinks is coolest), but the most FUNDAMENTAL ideas in the chapter.

(edited due to paranoia.)

Anyone hungry?

Food has been smuggled in. To get a full size box of cookies in, I placed in between two textbooks. (even though it was in a grocery bag I was not stopped at the gates).

Lock UN-picked

After many hours of frustration, I was unable to pick a Master lock (belonging to me).

It's the effort that counts.


http://packetstormsecurity.org/news/view/20175/US-Anti-Hacking-Law-Turns-Computer-Users-Into-Criminals.html

Friday, November 11, 2011

Payback's a BITCH


Angry Red, you were paid your due, but I sent a message to tag along. Task-get a note into your wallet. :)

Thursday, November 10, 2011

TED Talk - Gaming/Problem Solving As Learning

http://www.ted.com/talks/jane_mcgonigal_gaming_can_make_a_better_world.html

Pics of Whiteboard from Discussion Last Week

Who has these?  Can you please create a unique post with them soon?  Thanks!!!

Backtrack Machine Character Repeat Fix Courtesy of Professor Jefferson Fernandez!

At the BT computer:
in the konsole shell before entering the GUI use the command:

xset r off

This will turn off the auto-repeat!!!!
then
startxto start the GUI

Thanks Professor Fernandez!

Chapter 8 Homework

Complete Exercises 8-1, 8-2, 8-3, 8-4, 8-5 from the textbook.  These are due next Tuesday, November 15.  Assignments 8-1 and 8-2 can be completed on any PC with Windows.  Assignments 8-3, 8-4, 8-5 must be completed in the virtual envirnoment.  Sumbit screenshots for credit!  Good luck!



this reminded me of our current chapter :)

Tuesday, November 8, 2011

I NEED POINTS!!

Ok, Ms Magenta has been trying to figure out what is wrong with his computer. It does seem to respond, the icons do not respond...oh dear...help help.

You have been trying to figure it out for the past week and still no luck. I have now spread my simple tactic to my computer and soon it will spread throughout the whole class until I get some points. Give me the points I so rightfully deserve which has baffled you for the past week!!

Cookie

Oh Dark one, here's a cookie for you.
Right in your bag where I talked Crimson into placing it :)
Smoochies,
M

General Angry Red and Mustache Man

We have both successfully blocked an evil and dire plot from Midnight Lover to break a dollar for him. The world is now safe due to the valiant and heroic efforts of General Angry Red and Mustache Man.

Hacktivism!

Your textbook focuses on one kind of "ethical hacking," hacking for hire, with permission from the company or organization that commissioned the hack. But there's another possible kind of ethical hacking. As we discussed last Thursday, some hackers use their powers--they think--for good. They attack sites with purposes that they deem morally wrong, such as child pornography sites. The Jester and Anonymous both do this sort of hacking, as do many other hackers. These hacks are not morally neutral; they are possessed of moral intention.

Find a news article, blog post, or other indication of a SPECIFIC hack with a moral intention. Post a comment on this post:
-linking to the news article/blog post/tweet/whatever
-explaining the hack (what did they do? when?)
-introducing the target (who did they hack?)
-excavating the moral intention (why did they hack it? Try to find communication *from* the hacker or hacker group saying why they did it; if not, try to speculate about their motives and come up with an argument for why it was legitimate for the hacker to hack this site.)

Email me if you have questions-- profpoole at gmail dot com. Please post this by Thursday at 9:00 AM. Yes, THIS THURSDAY, 11/10.

And the answer is....

The answer to the bonus question from the last test appears in Chapter 8!  Hmmm, interesting that I would ask a question that is later answered in your book.  Did anyone think to consult the book?  :)

Monday, November 7, 2011

Cake


Did I remember to upload this pic from my task of bringing in something for everyone to eat?
Here it is.
Magenta

Mail Call

[photo deleted]
Crimson, I said I'd watch your bag so I watched your computer at the sametime.
Oh this one was a pic of someone's email.
HUGS
Magenta

Little Red Soup Can


Oh mister dark one...
Could this be yours?
Shame my Magenta Rules sign didn't show.
This of course was a pic of one of the other game players cars with the license plate.
Ta ta love...

2600

http://www.2600.com

Good magazine, and website of interest. Check it out if you have not already.

And the Leader is....

Player
Points Earned This Week
Points Lost This Week
Total Points Earned
Captain Seafoam Green
10
0
10
Comrade Crimson
9
-2
7
Ms. Magenta
9
-4
5

Thursday, November 3, 2011

Calc1 or was it Stats1

Who was I talking to one night after class about one of those classes, I have to register for next semester.

Arrgh! you salty sea biscuits

Avast! Cpt. Seafoam Green strikes again

Mission: attach a piece of ribbon to a landlubber key-chain.

Action taken:
I attached the ribbon to his key-chain which was attached to his belt loop. He didn't notice and
I even took a photo with the flash on which also went unnoticed . Not sure of his handle so i will call him mustache man.

See link for proof http://i.imgur.com/TDUQm.jpg



button button, who's got the button?

wow, a 2-fer day. Gotchya, Ultraviolet.

It's only pink, even though I'd rather it say "Don't Panic!!"

post-it punk'd

gotchya. :D


EDIT: Actually, I got TWO fellow players! The first was S (unsure of game-name). I'll reveal the second target only if it garners extra points :)...folks, be careful when I bait you. Playing/offering to be a target can be a ruse.

Love y'all!

BTW, I've been trying to be fair and not targeting anyone more than once. Just sayin'. :D

task - post it in someone's book, 1st page of chapter 7.

Logical Fallacies

http://www.logicalfallacies.info/

Wednesday, November 2, 2011

Access?

Mission: get access to someplace you are not supposed to be.

One of the T fare-collection stalls at Harvard Square was unlocked with an open door, so I just poked my head in briefly (sadly no photos, the Info kiosk had a direct sight line to the room and I didn't want to get caught exiting). The contents of the room looked to be a good deal of computer gear, probably the station camera feeds. I probably could have gotten further had I not been carrying a bunch of crap.

As such, I don't know if it warrants pointage, although I do have a few other targets in mind.

Paperclipped

Mission: put something harmless in a fellow player's pocket/bag. From two weeks ago, so I do not know if I still get the points.

I believe I managed to put a dog-bone paperclip into Midnight Lover's bag (it was then found and apparently removed as someone else found it on a keyboard).

Tuesday, November 1, 2011

Cloth for Magenta

Placed cloth in your wallet....time to cut up those credit cards :)

Harvard Hack

Please read the article in the link, along with looking into what Anonymous and the Jester have done as Hacktivists for the continuation of our discussion on Thursday. 
http://www.ethicsinbusiness.net/case-studies/hacking-into-harvard/

you've been FORKED

my challenge from last week...

You've been forked, O!!

<3

Yeah, you were right, I was up to no good :)

my task was to get a plastic fork into his bag.