Sunday, February 27, 2011

Some 304Geeks in the News

304geeks on Fox News from The 304 Geeks on Vimeo.


Too funny! I have a new title...
Hacker!

And Bill is officially a Security Specialist :D

Wednesday, February 23, 2011

PAE High Memory in Backtrack Linux


Here is a step-by-step guide to enabling the high-memory (PAE) kernel option in BackTrack Linux.
This is what you need if you want to use the memory above 4GB that otherwise goes to waste while running your favorite penetration testing distribution!
We all want to get as much power out of our operating systems as possible, and that goes double for penetration testers.
Use this simple tweak to free up room for an extra virtual machine or some much-needed password cracking.

Enable PAE in Backtrack

########################################################################
#Upgrade BT4-R2 Kernel with PAE High Memory 64GB
#Caution! Upgrading the kernel can cause fatal problems.
#The backtrack developers have reasons to exclude modules
########################################################################
#It is recommended that only the brave attempt the following.
#It is a very simple kernel mod that allows the utilization of more memory
#under my favorite security testing distro.
#Things can and do go wrong but if you're looking for this kind of tweak you
#are willing to get your hands dirty. I will walk you through updating the kernel
#for both a live distro and your personal iso. The iso can then be modified to
#include the tools you personally require and install.
#I use the iso update method to make several kernel tweaks and add all of my
#favorite missing software and you can do the same! Happy hacking!
################Upgrading from Backtrack 4 R2##########################
#
# 01. apt-get install linux-source-2.6.35.8
#
# 02. cd /usr/src
#
# 03. tar xvjf linux-source-2.6.35.8.tar.bz2
#
# 04. rm linux
#
# 05. ln -s linux-source-2.6.35.8 linux
#
# 06. cd /usr/src/linux
#
# 07. cp /boot/config-2.6.35.8 .config
#
# 08. make menuconfig
# In the menu Choose Processor type and features -> High Memory Support (4GB) -> 64GB
# and then choose exit and save the changes.
#
# 09. make
# Be patient this can take a long time.
#
# 10. make modules
#
# 11. make modules_install
#
# 12. make scripts && make prepare
#
# 13. mkinitramfs -o /boot/initrd.img-2.6.35.8 2.6.35.8
#
# 14. cp /usr/src/linux-source-2.6.35.8/arch/x86/boot/bzImage /boot/vmlinuz-2.6.35.8
#
# 15. cp /usr/src/linux-source-2.6.35.8/System.map /boot/System.map-2.6.35.8
#
# 16. ln -s /usr/src/linux /lib/modules/2.6.35.8/build
#
# 17. Update your menu.lst
#
# 18. reboot
#
# 19. fix-splash
############[Upgrading the Backtrack 4 R2 ISO]#########################
#
# 01. mkdir /root/BUILD/
#
#
# 02. cd /root/BUILD/
#
# 03. copy your iso to the build directory.
#
# 04. wget offsec.com/bt4-customise.sh
# This is fetched over plain HTTP and later run as root, so read it through first.
#
# 05. sed 's/bt4-pre-final/bt4-r2/g' bt4-customise.sh >mod
#
# 06. mv mod bt4-customise.sh
#
# 07. chmod 755 bt4-customise.sh
#
# 08. ./bt4-customise.sh
#
# Once inside the chroot environment we can modify the kernel and other tools.
#
# 01. cd /usr/src/linux
#
# 02. cp /boot/config-2.6.35.8 .config
#
# 03. make menuconfig
# In the menu Choose Processor type and features -> High Memory Support (4GB)->64GB
# and then choose exit and save the changes.
#
# 04. make
# Be patient this can take a long time.
#
# 05. make modules
#
# 06. make modules_install
#
# 07. make scripts && make prepare
#
# 08. mkinitramfs -o /boot/initrd.img-2.6.35.8 2.6.35.8
#
# 09. cp /usr/src/linux-source-2.6.35.8/arch/x86/boot/bzImage /boot/vmlinuz-2.6.35.8
#
# 10. cp /usr/src/linux-source-2.6.35.8/System.map /boot/System.map-2.6.35.8
#
# 11. ln -s /usr/src/linux /lib/modules/2.6.35.8/build
#
# 12. install additional packages
#
# 13. apt-get update && apt-get dist-upgrade
#
# 14. apt-get clean
#
# 15. history -c
#
# 16. exit
###############################################################
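
A check worth running around step 08 of either procedure, added here as an example and not part of the original post: it confirms that the CPU advertises PAE and that the saved `.config` really selects the 64GB option before you spend time on `make`. The function name `check_pae_config` and its status words are made up for this example; `CONFIG_HIGHMEM64G`, `CONFIG_HIGHMEM4G` and `CONFIG_X86_PAE` are the symbols the menu entries write to `.config`.

```shell
#!/bin/sh
# Added example (not from the original post): pre-build check for the
# "High Memory Support -> 64GB" kernel option described above.
#
# check_pae_config CONFIG_FILE [CPUINFO_FILE]
#   Prints one status word and returns 0 only for "ok":
#     ok           CPU has PAE and the config selects 64GB high memory
#     cpu-no-pae   CPU lacks the pae flag; a PAE kernel will not boot on it
#     highmem-4g   config still has the 4GB default (menuconfig change not saved)
#     highmem-off  no 4GB or 64GB high-memory option is enabled
#     no-config    config file missing or unreadable
check_pae_config() {
    cfg=$1
    # Second argument exists so the check can be exercised offline (assumption
    # of this example); by default the live CPU flags are read.
    cpuinfo=${2:-/proc/cpuinfo}

    if [ ! -r "$cfg" ]; then
        echo "no-config"; return 2
    fi

    # The pae flag must appear as a whole word on the CPU "flags" line.
    if ! grep -Eq '^flags[[:space:]]*:(.*[[:space:]])?pae([[:space:]]|$)' "$cpuinfo"; then
        echo "cpu-no-pae"; return 1
    fi

    # Choosing 64GB in menuconfig sets CONFIG_HIGHMEM64G, which selects CONFIG_X86_PAE.
    if grep -q '^CONFIG_HIGHMEM64G=y' "$cfg" && grep -q '^CONFIG_X86_PAE=y' "$cfg"; then
        echo "ok"; return 0
    fi

    if grep -q '^CONFIG_HIGHMEM4G=y' "$cfg"; then
        echo "highmem-4g"; return 1
    fi

    echo "highmem-off"; return 1
}

# Run directly, for example: ./check_pae.sh /usr/src/linux/.config
if [ "$#" -ge 1 ]; then
    check_pae_config "$@"
fi
```

Point it at `/usr/src/linux/.config` rather than `/boot/config-2.6.35.8`, since the steps above never copy the modified config into `/boot`. After the reboot, `free -m` should report the memory above 4GB.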
Check out The Keyboard Cowboy HackSpace

Tuesday, February 22, 2011

A Hacker's Cookbook

That's right!

Who: You

When: Now

What: Hackers for Charity Cookbook? wuh?

That’s right!

We are asking the hacker community to contribute their best recipes to be included in a Hackers Cookbook.

ALL PROCEEDS GO TO HACKERS FOR CHARITY!!! 100%

We have not picked a publisher yet, but we don’t imagine it will be difficult to find interest. (**hint hint.. interested publishers contact rob@304geeks.com)

How: Simple. Just submit your best recipes to cookfu@304geeks.com for consideration.

All categories, appetizers, entrees, desserts, beverages, etc.

Requirements:
1. Recipe and the story that goes with it.
2. Origin (country/region)
3. Pictures (optional, but desired)
4. Name, contact info and short bio. (Hacker nick will do, but if you want to benefit from the directory..)
We want to give something back to the contributors, so we plan to create a directory for the chefs in the book.

We are hoping to receive recipes from all around the world. Yep! If you have some InfoSec friends in other countries, please tell them about this project. We welcome their contribution!

First round of submissions are due by 4/1/2011

Who will contribute?

Ron Gula (CEO Tenable Network Security), Larry Pesce (Pauldotcom), Carlos Perez (Dark0perator), Mike Poor (Inguardians) and Dave Kennedy (social-engineer.com) just to name a few!!

So, whether you have "Reverse Engineered or Fuzzed" a popular recipe, or you want to drop a 0day on us, we would love to see your work!
Join in on the fun!!!

Thanks,

Hackers for Charity
In the spirit of the AIDE winter meeting I would like to re-post a very interesting article I have read regarding the data-recovery on solid state drives.

These drives are becoming increasingly popular and according to the article will boast about 8% of the total mobile hard drive market in 2011.

It seems they are quite difficult to completely erase even with 35 passes.

Take a look at the article at LinuxSecurity.com. Here is a short excerpt.

LinuxSecurity.com: Solid state drives (SSDs) have a small security problem: they’re tough to erase. That warning comes from researchers at the University of California at San Diego. “Sanitization is well-understood for traditional magnetic storage, such as hard drives and tapes,” said the researchers in their study summary.
To Get the Full Details About SSDs Prove Tough To Erase

Read the Full Article
(c)Copyright 2011 Guardian Digital, Inc. All rights reserved.

Thursday, February 17, 2011

Today is the first day of the AIDE Winter Meeting

You can register at the door.

Information Security

09:30 am

Opening Remarks

Bill Gardner (oncee) is the InfoSec coordinator of AIDE and an AIDE Board Member, a co-founder and Vice President of 304Geeks, an organizer of Hack3rCon, and an information security evangelist and educator. By day Bill is the IT Manager at one of West Virginia’s larger law firms.

You can follow Bill on Twitter at twitter.com/oncee.

Rob Dixon (GPEN, GWAPT, GAWN, C|HFI, ESSE-D, SnortCP, TNAP, TNCP, TECP, A+) is no stranger to the cyber security world. Ask Rob what he does for a living and he might say, "During the day, I lead my state's Security Operations Center, but at night, I Hack Charities!".

By day, he leads the State of West Virginia’s Cyber Security Operations Center, whose mission includes Security Threat Monitoring, Intrusion Detection, Forensics Investigations, Vulnerability Management, Internet Monitoring and Filtering, Security Standards and Architecture, E-mail Encryption, E-Discovery actions, supporting the mission of the West Virginia - Information Sharing Analysis Center, Incident Response, Network Violation Management, and more.

Rob's expertise ranges from Intrusion Control Design, Cyber Forensics, Incident Management and Response, Risk Management and most recently the art of Penetration Testing. Rob participated in the 2009 DHS/MS-ISAC Defend/Capture the Flag team, with his team winning both the attack and the defend portions of the competitions, besting security teams from state governments around the United States.

Rob is also a leading member of Hackers for Charity, a non-profit organization helping to empower some of the world's neediest citizens through education and training. Rob is also the Founder and President of the 304 Geeks and AIDE supporter.

10:00 am

Where we at? A look at Information Security

The Information Security field has grown into something few imagined. From regulatory and compliance to dedicated security personnel, security is a field that technology birthed and it's not going away anytime soon. Like any new field, it has its share of concerns and problems but how are we looking as a whole? We have more and more budget being spent every year on protecting our organizations from hackers, and yet we continuously see a large trend of breaches and attacks largely successful. As an industry we are getting there slowly, but with anything in technology we have to be fluid, responsive, and proactive. This talk is a look at the Information Security field, what we are doing to protect ourselves and where we need to go. In this speaker’s traditional fashion, he will be showing some cutting-edge hacks and breaking things, and a look at what's to come. Welcome to 2011, a new year, a new set of breaches, a new set of regulations, and a new set of attacks.

David Kennedy (ReL1K) is a security ninja and penetration tester that likes to write code, break things, and develop exploits. Dave is on the Back|Track and Exploit-Database development team and a core member of the Social-Engineer podcast and framework. David continues (and strives) to contribute to a variety of open-source projects. David has had the privilege of speaking at some of the nation's largest conferences on a number of occasions including BlackHat, Defcon and Shmoocon. David is the creator of the Social-Engineer Toolkit (SET), Fast-Track, modules/attacks for Metasploit, and has (responsibly) released a number of public exploits.

David heavily co-authored the Metasploit Unleashed course available online and has a number of security related white-papers in the field of exploitation. David has a book being released in June from NoStarch Press, "Metasploit: A Penetration Testers Guide". Lastly, David worked for three letter agencies during his U.S. Marine career in the intelligence field specializing in red teaming and computer forensics.

11:00 am

Radio Reconnaissance in Penetration Testing

Tired of boring old pentests where the only wireless traffic you see is 802.11 and maybe a little Bluetooth? With this amazing new invention, the radio, your eavesdropping options can be multiplied! Come to this talk to learn techniques for discovering, monitoring and exploiting a wide array of radio traffic. Real world examples illustrate how these techniques have been used to gather information on a target's physical security, personnel, and standard operating procedures.

Matt Neely (CISSP, CTGA, GCIH and GCWN) is the Profiling Team Manager at SecureState, a Cleveland Ohio based security consulting company. At SecureState, Matt and his team perform traditional penetration tests, physical penetration tests, web application security reviews, and wireless security assessments. His research interests include the convergence of physical and logical security, cryptography, and all things wireless.

Matt has spoken in the past at a number of security conferences including Rochester Security Summit, Louisville Metro InfoSec Conference, Notacon, Northeast Ohio Information Security Forum, Ohio Information Security Forum to name a few. Matt is also a host on the Security Justice podcast.

Noon - Lunch

1:00 pm

Social Engineering In-Depth

Social Engineering exploits the most vulnerable piece of your network, the user. People are naturally trusting, especially if they are interacting with someone of "power". A hacker that is a good social engineer can, in most cases, extract more information verbally than technically. Users should be trained in identifying social engineering attempts and what to do if they think they might have been duped.

Stephan Looney is a co-owner of Layer2 Security and a passionate hacker. He holds the CEH/ECSA/MCSA and various other industry certifications. Stephan's career began as an AIX administrator and evolved into development in numerous languages and eventually hacking as a profession versus a hobby. He has been doing this for about 10 years and has worked in environments as small as 5 nodes all the way to 60000+ nodes with worldwide infrastructure. Recently he had the opportunity to help write the network security exam for Brainbench as well as help write the courseware and exam for the Security and Mobility course for Apple.

Wayne Porter is a recognized expert on spyware analysis, botnets, online fraud, virtual world security and emerging social media security issues. He was the co-founder of Xblock Systems, a dedicated malware research firm. Xblock was acquired by Facetime Communications. While at Facetime he worked as the Senior Director of Greynet Research, guiding an international team of security researchers to discover and solve complex, high profile security cases such as the Orkut Worm, KMeth Worm, and the SpazBox Puzzle.

Accolades include three consecutive Microsoft Security MVP awards as well as receiving Google's Responsible Security Disclosure Recognition. He served as an expert panelist at the FTC Spyware Workshop in 2004, has presented research at RSA on botnet attacks based in the Middle East, and holds two patents for software designed to inoculate machines against rogue software. Wayne is also a co-owner of Layer2 Security.

Chris Criswell co-founded Xblock Systems LLC in 2002. Chris has been a professional malware buster for 10 years. He trained and led a team of specialty researchers, helped produce the SpywareGuide.com, Regblock and BlockList lines, and developed two patent-pending policy-based inoculation technologies to harden system security. Xblock Systems LLC was acquired by FaceTime Communications in May 2005. After leaving Facetime, he created his own consultancy helping companies set up enterprise level infrastructure and systems for malware remediation. He's been hooked on technology since his school unloaded the first Apple II. Chris is also a co-owner of Layer2 Security.

2:00 pm

Penetration Testing - The Continuing Failures of an Industry

The Continuing Failures of an Industry: During this presentation we explore the recurring common issues of general performance irregularities in the performance of penetration tests and vulnerability assessments, failures in providing value through understanding risk, impact and vulnerabilities and finally common reporting failures.

Keith Pachulski a.k.a. sec0ps is an independent security consultant in Sterling, VA. He has been involved in the IT and Physical Security scene for over 15 years with focus on regulatory compliance, operational security management, managed IT security services, physical & IT security training, executive security, penetration testing and assessments.

Keith is also a host of the InfoSec Daily Podcast, and has spoken in the past at ShoeCon and at Hack3rCon.

3:00 pm

Blue team is sexy - refocusing on defense

The Pen Testers (aka Red Team) get all the glory... and they shouldn't! It's time the defenders get their due. This talk will illustrate the most effective defenses currently employed and provide tips and tricks for how any organization can up their game to make things much rougher on the bad guys, and better prove their worth to management so limited funding is protected appropriately.

Mick Douglas (CISSP, GCIH, GSNA) is the Consulting Systems Engineer for Information Security at OCLC - an international library cooperative. He is a community level instructor for the SANS institute and has taught SANS 504 "Hacker Techniques, Exploits and Incident Handling" and SANS 507 "Auditing Networks, Perimeters & Systems". He is a senior contributor to the PaulDotCom weekly security podcast. While Mick enjoys and actively participates in penetration testing, his true passion is defense: tweaking existing networks, systems, and applications to keep the bad guys out.

In addition to his technical work, Mick jumps at every chance to participate in a social engineering engagement. Mick has a bachelor's degree from The Ohio State University in Communications. In his spare time, you'll likely find him fleeing all things electronic by scuba diving, trying in vain to improve his photography skills, and either hiking or camping.

You can follow Mick on Twitter at twitter.com/bettersafetynet.


Digital Forensics

Peer-to-Peer Network File Sharing Investigations
Presented by: Corporal Robert J. Boggs, West Virginia State Police

The explosive growth of the internet and peer-to-peer networks has spawned a threat far greater than pirated music and movies. Images of child sexual exploitation are traded over this network in staggering amounts. Understanding peer-to-peer file sharing programs that utilize the Gnutella network protocol is a critical skill for digital forensics professionals. This in depth presentation will cover all aspects of case development from end to end including recovery of artifacts from the Windows Registry and operating system.

Corporal Robert J. Boggs is a 13-year veteran of the West Virginia State Police and is assigned to the Crime Against Children task force. Cpl. Boggs has been assigned to the Digital Forensic Unit for 5 years and is responsible for all examinations for the southern part of West Virginia. Cpl. Boggs assists many local, state, and federal law enforcement agencies with high tech criminal investigation and digital forensics analyses. Cpl. Boggs has attended many advanced courses regarding digital forensics from both government and private entities.


iOS File Systems and Artifacts
Presented by: Christopher Vance, Marshall University Forensic Science Center

Apple devices are everywhere and as such need to be understood by digital evidence professionals. This presentation will explore the process of uncovering the artifacts hidden among the iOS file systems. Chris’s presentation will include an overview of iOS devices, the file system structure, acquiring the file system, and artifact recovery including preferences, SMS messages, calendar, notes, web history, etc. In addition, he will also examine the changes in the file system between different versions, getting around password protection, and understanding the backup process.

Christopher Vance is a Digital Forensic Specialist employed by Marshall University. Chris is a graduate of Marshall University (Cum Laude), receiving a BS degree specializing in Digital and Multimedia Forensics. Chris currently works in the West Virginia State Police Digital Forensics Unit. Chris specializes in mobile device forensics, having analyzed over 150 devices.

LET Credit Pending

AIDE Winter Meeting Information:

The conference will be held at the Marshall University Forensic Science Center. Registration is required as seating is limited. Registration fees are due on the first day of attendance and are based on AIDE membership as follows:

Non-member Professional $50

Non-member Student $20

Current Member $0

Wednesday, February 9, 2011

Open-Source Cloud, Social Networking and Content Management

If any of our 304geeks are interested in some testing and web development.

I am in the process of creating an open testing space on the web for cloud, social-collaboration and content management frameworks. I hope to initially provide opportunities to work with open-source projects such as Cloudera, Hadoop, Elgg, Joomla, WordPress, X-Mind, Wikia Search, Nexty, and others TBD.

Keep an eye on the 304geek blog for details and upcoming opportunities, and post your ideas in the meantime and I'll try to set up the foundation for a web-development type of hackspace.

Hackus 2011 challenge



The Hackus team is coming out with a new concept for its 48 hour hacking event this year. This new formula will be very different from last year’s. It will remain a competition and prizes will be given out.

To increase the realism, information related to the event(s) is limited. The 2011 edition of the Hackus will be the biggest of its kind in Canada, something never seen in this country before.

The contest is being held at the University of Sherbrooke, in Quebec, Canada. Participants will be challenged, and many different skillsets will be solicited during this 48-hour span.

A realistic pen-testing simulation, for the fictitious enterprise “Ini-Tech inc”, has been prepared for them. Main focuses this year are: Social Engineering, Hardware and Software hacking.

You are all invited to test your skills, and perhaps win Hackus 2011.

Hackus if you can!