Offensive Computer Security and Offensive Network Security at FSU

This spring FSU’s CS Department is offering two amazing classes on offensive security topics.

Offensive Computer Security and Offensive Network Security both feature video-taped lectures and hands-on exercises covering x86 reverse engineering, modern exploit development, network exploitation and reverse engineering, web application exploitation, forensics and much more! You should definitely check each out if you are interested in infosec!

CSAW CTF 2013

It’s almost that time again.  Last year N0L3ptr came in 23rd place among North American universities.  In this year’s competition, the top 10 teams will have an undergraduate team flown out to NYU Polytech to compete in person at the final round.  This has always been a great career opportunity for undergraduates, as winning teams are usually showered with job offers.

CSAW CTF 2013 will run from this Thursday until Sunday. Everyone is welcome to attend and participate! We will have roughly 12 beefy desktops available with a VM and tools installed (laptops are welcome too). Physical presence isn’t required. We encourage remote collaboration via our IRC channel, Google groups, Google docs, and Google hangout.

Time and Date: Thursday 6:00 PM EDT – Sunday 6:00 PM EDT
Location: LOV 010 basement Security Lab
IRC: freenode servers #noleptr to request invite to ##noleptr
Links: n0l3Ptr google group (username/password for csaw login available in Google groups), CSAW CTF 2013

FLORIDA CTF

N0L3ptr (FSU), White Hatters (USF), Knight$ec/HackUCF (UCF), and Kernel Sanders (UF) have united to put on a CTF this October!  There will be two brackets: Florida students, and everyone else (professional).  Signup is at http://floridactf.org/

We encourage everyone to go there in person to play and, most importantly, to network with other students and professionals here in Florida.  There will be cash prizes for the winning Florida student team(s) – but team size is limited to 4.  Representatives from each Florida school will verify that all your teammates are actual students before prizes are awarded.

Put a team together, go sign up, and stay tuned!

-Owen

Spring CTFs

Upcoming CTFs as of now are:

Ghost in the Shellcode 2013 – Feb 14th @ 19:00 EDT – Feb 16th @ 19:00 EDT
RuCTF Quals 2013 – March 08th @ 11:00 — March 10th @ 12:00 EDT

We’re planning on participating in both of these, so if you’re interested contact either Owen or Ivan. We welcome ALL skill levels; we treat CTFs as educational experiences, and hope everyone can learn something from them.

– Ivan

Spring 2013 Workshops / Meetings

Hey everyone!  We’re starting up our meetings again, and we’re going to try and video record (screencast style) each workshop and post them online here!

Our meeting details:
Every Tuesday @ 1pm, in the LOV 010 room (security lab in the basement)

Cheers!
-Owen 

*Update: The next workshop will be intermediate SQLi followed (tentatively) by an overview of the history of cyber warfare the week after.

SQLi Workshop Slides

The slides from the 11/7/2012 workshop on SQL injection can be found here: https://docs.google.com/presentation/d/1I97AFWgk6SXlX5G14557l74AzxoWufmGPbRh_DVd2E8/edit

See the SQLi to shell Exercise post below for notes on how to get the target ISO up and running with networking in VirtualBox.

If you are interested in sharpening your web application hacking skills, I highly suggest checking out OWASP’s BrokenWebApp project here https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

They have a target vm that can be downloaded here: http://sourceforge.net/projects/owaspbwa/files/

From SQL injection to shell

Resource

The link above includes a brief description, an extensive PDF walk-through, and a live CD ISO. Note that the ISO is a Debian live boot CD, not a virtual machine image.

VirtualBox

Accessing the guest VM running the above ISO doesn’t work out of the box.  The steps below explain how to reach the guest over the network, specifically the web server.

      1. Select your newly created VM and click Settings.  Click on the networking setting.  Select the “Adapter 2” tab and select “Enable Network Adapter”.  Now select “Host-only Adapter” from the drop-down.
      2. Now we need to tell the guest what IP address to use for the second network interface.  The next set of commands will take place in the guest.
        vi /etc/network/interfaces

        Comment out the line:

        # iface eth1 inet dhcp

        Add the following to the end of the file

        auto eth1
        iface eth1 inet static
        address 192.168.56.101
        netmask 255.255.255.0

        Save and exit.

      3. Restart your interface:
        sudo ifdown eth1
        sudo ifup eth1
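
Step 2 as a re-runnable script for the guest; this is an added example, not part of the original post. The function name `configure_eth1` and its optional file argument are assumptions; the interface, address and netmask are the ones given in the steps above.

```shell
#!/bin/sh
# Added example (not from the original post): applies step 2 idempotently.
# configure_eth1 and its optional file argument are hypothetical names;
# the interface, address and netmask are the values given in the steps above.

configure_eth1() {
    file="${1:-/etc/network/interfaces}"
    addr="192.168.56.101"
    mask="255.255.255.0"
    tmp=$(mktemp) || return 1

    # Comment out an active "iface eth1 inet dhcp" line; lines that are
    # already commented do not match, so a second run changes nothing.
    if ! sed -E 's/^([[:space:]]*iface[[:space:]]+eth1[[:space:]]+inet[[:space:]]+dhcp)/# \1/' \
            "$file" > "$tmp"; then
        rm -f "$tmp"
        return 1
    fi
    # Write back through the original file to keep its owner and mode.
    cat "$tmp" > "$file" || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"

    # Add "auto eth1" only if the file does not already have it.
    if ! grep -Eq '^[[:space:]]*auto[[:space:]]+eth1([[:space:]]|$)' "$file"; then
        printf '\nauto eth1\n' >> "$file"
    fi

    # Add the static stanza only if it is not already there.
    if ! grep -Eq '^[[:space:]]*iface[[:space:]]+eth1[[:space:]]+inet[[:space:]]+static' "$file"; then
        printf 'iface eth1 inet static\naddress %s\nnetmask %s\n' "$addr" "$mask" >> "$file"
    fi
}

# Run as root in the guest with the file to edit as the argument, then
# restart the interface (step 3): ifdown eth1; ifup eth1
if [ "$#" -gt 0 ]; then
    configure_eth1 "$1"
fi
```

Because the second adapter is host-only, the deliberately vulnerable guest is reachable from the host but not from the rest of the LAN.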

You are now done. Type http://192.168.56.101 into your web-browser and you should see the below.

Hack.Lu Results, Future CTFs

Hey guys,

We just wrapped up participating in the Hack.Lu CTF. The challenges this time were much more difficult and focused more heavily on cryptanalysis and exploitation. There were also a number of very interesting Python challenges. Unfortunately these are the areas we’re still developing expertise in, so we didn’t do quite as well as we did in CSAW, but it provided ample opportunity to learn. We ended up placing 68th (counting ties, 92 teams placed above us) out of 260 teams which participated (submitted at least one answer).

Write-ups for the various challenges have been collected at CTFtime; some write-ups provide the binaries as well.

We’ve also gone ahead and taken control of our team at CTFtime, so if you’d like to register just let us know and we can send you an invite. All future CTFs we participate in will be recorded there and we’ll be ranked based on our performance across the board.

As for the next CTF, there are three next month. 

PoliCTF is another challenge based CTF that we’re already signed up for. This one is 24 hours long and is the weekend of Nov 17th – Nov 18th. They haven’t done one in the past so we don’t know what kind of questions they’ll ask but it should be interesting.

The other two are RuCTF and rwthCTF. Both of these are Attack/Defend type CTFs which we can participate in remotely. We aren’t signed up for them currently, however, since we’re not sure we have the manpower for it, as well as the fact they’re around when term projects will be due (end of Nov). However, if there’s enough interest we can look into organizing something.

– Ivan