Polly wanna cracker

Regex and Grep cheat sheet

Cheat sheet based off the Udemy CySA+ course from Jason Dion – video 75, as I’m sure I’ll end up looking for it at some point in the future.

REGEX:

[] – Match a single instance of a character from a range such as a-z, A-Z, 0-9 or, for all of them, [a-zA-Z0-9]

[\s] – Match whitespace

[\d] – Match a digit

+ – Match one or more occurrences e.g. \d+

* – Match zero or more occurrences e.g. \d*

? – Match zero or one occurrence e.g. \d?

{} – Match the number of times within the braces e.g. \d{3} finds 3 digits in a row or \d{7,10} matches 7, 8, 9 or 10 digits in a row

| – OR

^ – Only search at the start of a line

$ – Only search at the end of a line

GREP:

-F = search for a literal value, can use “” instead of -F

-r = recursive

-i = Ignore case sensitivity

-v = Find things which do not match

-w = Treat search strings as words (instead of parts of words)

-c = Show count of matches

-l = Return names of files containing matches

-L = Return names of files without matches
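
The operators and flags above applied to log triage, as an added example that is not from the course or the original post. The log lines, file names and function names are constructed for illustration; `-E`, `-o` and `()` grouping are real grep features that are not on the cheat sheet.

```shell
#!/bin/sh
# Added example: cheat-sheet operators and flags applied to log triage.
# All log lines are constructed sample data (documentation IP ranges).
LOGDIR=$(mktemp -d)
cat > "$LOGDIR/auth.log" <<'EOF'
Oct 19 10:01:02 web01 sshd[1201]: Failed password for root from 203.0.113.7 port 50122 ssh2
Oct 19 10:01:05 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Oct 19 10:02:11 web01 sshd[1302]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Oct 19 10:03:40 web01 sshd[1410]: failed password for bob from 192.0.2.10 port 41000 ssh2
Oct 19 10:04:00 web01 CRON[1500]: session opened for user root
EOF
cat > "$LOGDIR/app.log" <<'EOF'
2020-10-19 10:05:00 INFO request from 203x0y113z7 rejected
2020-10-19 10:05:01 INFO rootless container started
EOF

# -c with and without -i: the case-insensitive search also catches "failed".
count_failed()        { grep -c 'Failed password' "$LOGDIR/auth.log" || true; }
count_failed_nocase() { grep -c -i 'failed password' "$LOGDIR/auth.log" || true; }

# [] ranges, {} repetition and () grouping: extract the source IPv4
# addresses of failed logins. POSIX grep has no \d, so [0-9] is used here;
# GNU grep accepts \d only with -P. -o prints just the matched text.
failed_source_ips() {
  grep -i 'failed password' "$LOGDIR/auth.log" |
    grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | sort -u
}

# | alternation with the ^ anchor: case-sensitive, so "failed" is skipped.
count_auth_events() {
  grep -cE '^Oct 19 .* (Failed|Accepted) password' "$LOGDIR/auth.log" || true
}

# $ anchor with -v: count lines that do NOT end in "ssh2".
count_not_ssh2() { grep -vc 'ssh2$' "$LOGDIR/auth.log" || true; }

# A regex "." matches any character, so an IP used as a pattern also hits
# "203x0y113z7"; -F treats the pattern as a literal string.
count_ip_regex()   { grep -c  '203.0.113.7' "$LOGDIR/app.log" || true; }
count_ip_literal() { grep -cF '203.0.113.7' "$LOGDIR/app.log" || true; }

# -r, -l, -L and -w: which files mention the whole word "root"
# ("rootless" is not a whole-word match).
files_with_root()    { grep -rlw 'root' "$LOGDIR" | sed 's|.*/||' | sort; }
files_without_root() { grep -rLw 'root' "$LOGDIR" | sed 's|.*/||' | sort; }

echo "failed (case-sensitive): $(count_failed)"
echo "failed (-i):             $(count_failed_nocase)"
echo "source IPs:              $(failed_source_ips | tr '\n' ' ')"
echo "auth events:             $(count_auth_events)"
echo "lines not ending ssh2:   $(count_not_ssh2)"
echo "IP as regex / with -F:   $(count_ip_regex) / $(count_ip_literal)"
echo "files with root:         $(files_with_root)"
echo "files without root:      $(files_without_root)"
```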

Hacker Halted 2020 – Day 5

Finishing off strong, today saw the last day of Hacker Halted 2020 talks.

Zoey Selman shared her expertise on OSINT with tips and tricks, based on years of experience, on how to better search for targets from other countries. There are a lot of cultural and technical differences between every country on the planet, so rather than searching for a foreign user the same way as you would a local user, it’s likely to be a lot more fruitful if you know which social networks and search engines are popular in which country.

Tyrone Wilson tackled the age-old problem of “I can’t get a job without experience and I can’t get experience without a job” by demonstrating how to build a practice environment using the Security Onion distro of Linux and using pcap files from CTF events to give yourself real-life data to practice blue teaming and analysis on. The majority of recruiters pay attention to how much self-study time people are putting into learning cyber security outside of their day job, so having documented proof of your lab activities gives you a boost.

Sean O’Connor has obviously spent a lot of time tracking and documenting the workings of all the active groups behind name and shame ransomware, and kindly shared a large chunk of that research with us. Each group behaves slightly differently and they are all somehow interlinked, with members changing teams/names and sharing techniques. We also see how most of these firms tend to operate in ex-Soviet Union countries and, as long as they target western countries and avoid friendly neighboring countries, seem to enjoy some level of impunity from prosecution.

Briana Leddy finishes off the conference with a sales pitch / demonstration of her company’s software. But as a technically minded person she gives some good insight and description into how AI can be set up to help spot and respond to cyber threats quicker and cheaper than a human team.

Big thanks to EC-Council for setting this up and not letting Covid stop all the presenters delivering very useful and interesting presentations to the rest of us.

Hacker Halted 2020 – Day 4

The penultimate day of Hacker Halted gave us some more serious discussions focusing on some of the darker activities bad actors can involve themselves with online and in real life.

Chris Kubecka gave us details of her dealings with Boeing and how an attempt to highlight security concerns with software in planes was met with legal force instead of any sort of willingness to learn and prevent deaths. Very reminiscent of the scene in Fight Club where they discuss the formula used by car manufacturers to decide whether they will pay the fines or issue a recall of a vehicle for safety purposes.

Winn Schwartau presents his take on why the issues facing organisations in the cyber space will not be solved by newer/better technology, because behind all the fancy new features they are still run by humans who have three major bugs: Ignorance, Apathy and Arrogance. Winn was in the industry way before most of the readers here and made a point which I have not heard before, that back before around 1984 there were plenty of women in the tech industry. Something happened around that time which seems to have driven out female participation in tech and for whatever reason has only started to be reversed recently.

Katelyn Bowden gives us some much needed education on the current state of revenge porn and keeps on fighting to help dispel myths held by people who have only heard the term in passing or read a single article about it in the paper. The pandemic seems to have led to a rise in non-consensual porn being used to exploit people by criminals looking to make money online now that some other offline sources have become unavailable for them. What used to be a way for ex-partners to feel like they are getting their own back is a fully fledged industry where the person distributing the photos has no relationship with the victim.

To show that cyber crime affects every industry we heard from Mauro Eldritch, who shares a story of how he was approached subtly by criminals to help automate and digitize their coyote operations to help them smuggle more people across international borders by providing a fake facade that the person was being persecuted by their government so that they could claim special refuge status to move to another country. The second half of the story shows a very real step-by-step use of OSINT to help investigate the higher-ups in this gang.

The day was closed by Charles Henderson with a look at what has changed for security teams now that so many people are working from home compared to the start of the year. 52% of staff in one survey claim to be using their own private equipment to carry out corporate work. With this much new hardware with varying levels of security tools installed it’s very likely impossible to find a technological solution which would work for everyone.

Hacker Halted 2020 – Day 3

The third day of Hacker Halted saw talks on slightly more technical topics than the previous days.

The opening speaker Chloe Messdaghi went through the benefits of gamifying training to help build a cyber security team in your organisation, in order to create a team who can react quicker to new threats and actually prevent breaches instead of just running through compliance checklists. Ending the talk with some examples of how CTF-style events have helped people land jobs was a nice touch to encourage people to take action after the slides had finished.

A more Americanized talk followed from Chris Roberts with a discussion of the dangers of electronic voting systems. While this might mostly affect the USA currently, these are points that will likely affect many parts of the world at some point. The biggest danger being that the current voting booths get an F- for security and, instead of respecting the cyber security community, the vendors behind these booths prefer to divert their money towards lawyers and marketing. I can’t see this being an issue which is going to get resolved until the vendors see that the cyber sec community is on their side.

Annalisa Nash Fernandez spoke to the geography fans regarding how cyber criminals can hide behind geographical borders to hinder law enforcement and aid themselves in crime as a result of two things. One is that laws and agencies are often unable to easily investigate problems once the trail leaves their borders. The second is how the culture difference between large parts of the world often means two teams working together on a problem are stopped from making progress because they focus on different ways of doing things. A quick rundown of what different cultures think of in regards to things such as data privacy highlights the issue that while you may be creating a system which users in one country love, another country may see it as moot/trivial.

Last talk of the day allowed Wayne Burke and Kevin Cardwell to give us their wisdom and experience about what they see corporations doing wrong when they visit to take part in an engagement. The main point seems to be companies focusing far too heavily on buying fancy software instead of working on their processes and training staff which results in a large bill for largely ineffectively deployed software. The next part of the talk demonstrates the effectiveness of spending time on misdirecting villains once they have accessed your network. Stopping someone getting in takes a lot of time, but once they are in if they spend 100% of their time getting confused by a honeypot it keeps your data safe for long enough for you to spot the intrusion and kick the bad guys out.

https://urbansecurityresearch.com/2020/10/19/hacker-halted-2020-event-game-codes/

Hacker Halted 2020 – Day 2

Another great day of talks (Mixed in with some haphazard organisation and time keeping by EC-Council). I’m genuinely impressed with the level of professionalism and effort all the speakers have put into their presentations.

Starting off today was Alyssa Miller with a look at the current deep fake possibilities and a prediction that very soon it will be an issue handed over to cyber security professionals to protect organisations from being tricked by a deep fake of their company CEO. The brilliantly put together talk gives an overview of how generative adversarial networks create the deep fake to the current ways of spotting them, showing that researchers are in a very tricky situation whereby whenever they discover and publish a method for spotting deep fakes the creators instantly know which parts to improve.

Joe Gray gave us an overview of which metrics he thinks are important to focus on when running phishing simulations at an organisation and how to read the data in a way which allows you to create training plans for your users, highlighting the need to make sure users feel comfortable telling you if they have messed up and how, by using punishments for clicking on phishing e-mails, you are hindering your own efforts at protecting the company.

Bryson Payne gave us a demonstration of how to reverse engineer software, starting from a beginner’s introduction to changing individual values in a game (Solitaire) through to a more technical example of how it’s possible to reverse engineer ransomware to extract the decryption keys. If you are new to software analysis or reverse engineering and not sure where to start, this presentation will give you lots of resources, including freeware tools, to help you get started.

For beginners asking the first questions about how to get into pentesting, the presentation by Phillip Wylie is for you. It starts off with some general descriptions and definitions of pen testing roles before getting into some very useful lists of resources such as books, websites, CTF events and tools to help you start learning. Phillip’s career is focused on creating the next generation of pen testers so following his advice can’t be a bad idea.

As before, if you missed any of the event game codes they can be found on this page: https://urbansecurityresearch.com/2020/10/19/hacker-halted-2020-event-game-codes/

Hacker Halted 2020 – Day 1

Hacker Halted day 1 is over and provided several very informative and entertaining speakers. The event itself by EC-Council had a few technical hiccups along the way but as this was probably put together at the last minute as an online conference instead of a face to face event and is free I think we need to be a little bit more lenient with the organisers and give them a bit of time to smooth everything out.

Jenny Radcliffe started us off with a presentation about how social engineers have been taking advantage of Covid-19 by scamming people with fake tests and fake cures, and trying to cheat the government relief schemes out of money before they have had time to tighten up their security, using people’s fear of the situation as leverage to make as much money as possible before the other bad actors get there. One key point is that while some of these scams may seem obvious to us, many are not, and just because someone has fallen victim to a scam does not make them dumb. Labeling scam victims as the weakest link can end up being counterproductive as it sets up a white hat vs user mentality when it should be a white hat + user vs black hat one.

Marcelle Lee followed up with a look into how she got into a career in cyber from unrelated jobs and what types of activities are undertaken on a day-to-day basis. A good talk for anyone not working in cyber currently to give an idea as to one of the potential roles. Marcelle works in the intelligence gathering/sharing side so the majority of the talk covered sources for finding out the latest cyber security related news and what the current threats are, including a discussion on the evolution of ransomware into name and shame ransomware, where the files are exfiltrated out to be used for blackmail before the victim’s machines are encrypted.

Antonio Rucci was next with a talk about ransomware using real-world examples instead of just theory, highlighting ransomware which demands payment within 24 hours being a sign of an amateur attacker, as more experienced criminals would know it takes far longer than that for a typical victim to set up a cryptocurrency wallet and transfer money into it. One point which stuck out was that from his experience 90-95% of ransom payments resulted in the data being unencrypted and sent back to the victim as promised, which goes against what I had previously assumed: that it was far more of a gamble and the bad guys were just as likely to drop contact.

After that came the very passionate Jake Williams, who highlighted the need to communicate well with people from all walks of life, specifically the ones paying the bill for cyber security services. This topic does tend to come up at least once or twice in most conferences but the talk delivered by Jake came with far more practical examples than I’ve seen before, such as suggested analogies to help explain security concepts to people who may not have come across concepts such as defense in depth or baselining before.

Overall a very fun first day, it is very obvious that each presenter is an expert in their field and put a large amount of effort into their talks. For us to be able to enjoy them for free is a bargain.

Game Event

If anyone missed any of the codes from these talks for the event game, I’ve created a separate page to list them all:

https://urbansecurityresearch.com/2020/10/19/hacker-halted-2020-event-game-codes/

Hacker Halted 2020 event game codes

This year’s Hacker Halted comes with a mini game in the form of codes which you can find by watching all the presentations and visiting sponsors. There seemed to be a lot of “technical” issues with these codes, with lots of people not being able to see them even if they had watched the entire talk by a speaker.

To help those people out I’ll use this page to collect a list of each of the codes against their name in the event game page.

Day 1

The Witchball and the Tribe – WITCHBALLTRIBE
A day in the life – DAYINTHELIFE
When they hit your NAS – FORENSICATINGRANSOMWARE
Communicating Cybersecurity – JWILLI
Memory evidence collection – AUTOMATINGDISK

Day 2

Reality lost – DEEPFAKECHANGINGTHEFACE
Social engineering your metrics – USINGDATASCIENCE
Информационные контрмеры – MAINTAININGDEMOCRACY
Hacking Solitaire – WRESTLINGRANSOMWARE
Pentester blueprint – BECOMINGAPENTESTER

Day 3

Hacker Hippocampus – MEETYOURBRAIN
Hack The Vote! – HILLBILLYHITSQUAD
geopolitics – DECODETHECULTURE
sibling rivalry – MICROFOCUS
tactics of deception – WAYNEANDKEVIN

Day 4

Turbulence – HYPASEC
From infowar to IOT – WINNING
Anatomical warface – BADASS
American Coyataje – ACME

Day 5

Misconceptions of Open Source – OSINT
Threat Hunting – HANDS-ONEXPERIENCE
MITRE ATT&CK – ACTIONABLEATT&CK
Say My Name – RANSOMGAME

SPONSORS CODES:

These are easily found on the page of each sponsor within the socio app ***You do not need to visit any of the links provided to find the codes*** They should be present in the brief description of each sponsor in all caps.

Hacker Halted 2020

Due to Covid-19 the EC-Council have decided to make this year’s Hacker Halted conference an online affair and lowered the cost of basic entry to 0. The event is in its 14th year and looking through past events it looks to be a classic collection of guest speakers covering a wide array of cyber security topics, from the technical sides of offensive and defensive cyber security to the “softer” topics of hacking people and getting more people interested in careers in cyber.

EC-Council make their money by selling training certs so this event is likely going to be heavily aimed at getting people interested enough in cyber to buy one of their courses, but as long as the talks deliver some interesting knowledge before trying to sell anything I don’t see a problem with it.

If anyone wants to register you still have a few days to visit their site: https://www.hackerhalted.com/registration/

Once registered you should receive an e-mail with instructions on how to download the Hacker Halted app, which currently has details of confirmed speakers and various games which will start once the event goes live (although currently the games seem to simply involve watching and reading all the content from the conference), including an interesting version of Jeopardy which appears to award points for getting drunk while playing.

The agenda looks fairly busy, with enough talks to keep most people busy if they are also working full-time jobs and trying to view this in between meetings or after work. A lot of the scheduled slots are replays of previous talks so if you needed to stream something live you may be able to fit it into your life. Or if you want to watch everything as it is released you should be very comfortably able to get through everything with the length of breaks in between each event.

Review of Udemy course – Learning Computer Forensics With Infinite Skills

Overview

Forensics is a topic which seems to be referenced in a lot of hacking challenges and real world cyber security problems but for some reason doesn’t get much exposure in the entry level security courses. They tend to focus more on the attacking/red team topics.

I bought this course hoping it would show me some cool new ways of tracking the actions of others on IT networks and piecing together a history of what had happened even if an attacker had attempted to hide their tracks.

Pros

  • Well presented course with good audio and visuals.
  • Wide range of topics from Windows, Linux, Mobile, Legal and image acquisition.
  • Good demonstrations of the topics being discussed.
  • Only 11 hours long so can be watched without too much of a time commitment.
  • Introduces a wide variety of free tools you can test.

Cons

  • The material is very basic compared to what I was expecting.
  • If you have even spent 5-10 minutes looking at logs for any of these systems you are unlikely to learn anything new in the modules.
  • Very few “tips and tricks”. I was expecting lots of new techniques that I could make notes of for the next CTF challenges I did, but most of the course content is straightforward log browsing.

Verdict

Overall it’s not a bad course but I wouldn’t recommend it unless you are very new to most of the topics. For example, if you do not work in IT and have only ever used Windows then the knowledge about topics like Linux or BSD or network logs will likely be new to you and these videos are a great introduction.

If you have been taking part in security challenges or have many years in IT then the few snippets of info you’ll gain from this course are unlikely to be worth the time and cost.

Kringlecon 2019 – SANS Holiday hack challenge

What better way to get into the festive mood than by taking part in an awesome online security conference – KringleCon 2019 from the SANS Institute. For anyone new, it’s a free online conference which includes YouTube-hosted presentations from security professionals on a variety of topics as well as a CTF game where you help Santa figure out who has stolen two turtle doves from elf university!

How to Join?

It’s a free conference, to join in the fun simply visit HolidayHackChallenge 2019 and click on Kringlecon2 at the top then register an account. If you just want to listen to the talks you can see them all on their YouTube channel : YouTube – Kringlecon2


 

CTF Challenges

The aim is to solve all the Objectives to help find where the missing turtle doves are. They are ranked in difficulty starting at 1 xmas tree to 4 xmas trees. If you are having trouble with an objective there are helpful elves throughout elf university who will give you a mini-puzzle to solve, these are easier than the objective and if you help an elf with his mini-puzzle they will give you a clue for the main objective.

A lot of the presentations given at Kringlecon also offer hints for the challenges by way of suggesting specific tools and techniques which may come in use for the objectives which works as an extra incentive to pay attention to them all.

If that fails and you are still stuck there is a chat room in the CTF game world full of people who are happy to give hints.


Presentations

There is a treasure trove of talks at Kringlecon by some of the best security-minded folk in their respective industries. Even if you don’t use the talks to help with the CTF objectives you will learn plenty just by listening to them all.

There will be more talks released as the event goes on but currently here they all are with a few brief notes about the topics discussed:

John Strand, keynote : A hunting we must go

  • The benefits of creating hunt teams whose only task is to identify malware beacons.
  • RITA – Real Intelligence Threat Analytics, a tool for identifying malware beacons in traffic.
  • Honeybadger – A tool to geo-locate an attacker who has exfiltrated your company’s files, works using Google’s gigantic wi-fi database instead of IP, which can be spoofed.

Katie Knowles – How to (Holiday) hack it: tips for crushing CTFs & Pwning Pentests

  • Ways to look at a CTF problem once you get stuck, (has a cool screenshot at 6:07 of a problem spiral.)
  • Based on thinking about what new information you have come across since starting the puzzle and new ways of looking at the situation.

Snow – Santa’s naughty list: Holiday themed social engineering attacks

  • A look at social and physical attacks which are more likely to succeed during the Xmas holiday season.
  • Using the website Glassdoor to see what aspects of a company the staff are emotional about.
  • Statistics about e-mail response when using surname, firstname or both.
  • Some proactive tips for how to defend against these attacks.

James Brodsky – Dashing through the logs

  • An intro to searching through events in Splunk
  • An intro to Stoq (E-mail traffic analysis tool)
  • A massive hint that this may be useful for some of the Holiday hack challenge objectives

Ron Bowes – Reversing Crypto the easy way

  • How to hack crypto which has used bad key implementation.
  • Ways to identify which crypto is being used based on its output.
  • Great demonstration at the end which makes use of the techniques in the video.
  • One of the most technical presentations released so far.

Chris Elgee – web apps : a Trailhead

  • An introduction to analysing traffic between you and webapps
  • How to alter some values for items processed locally
  • Good starting point for someone completely new to security who hasn’t ever seen the source code of a webpage

Chris Davis – Machine learning use cases for cybersecurity

  • Discussion about how machine learning can be used in cybersecurity
  • How Machine learning can help with specific tasks for blue and red teams
  • A demonstration of setting up a machine learning program to spot the difference between apples and bananas
  • I’ve seen plenty of mentions that one of the holiday hack challenges can be solved using Machine learning so this one may be worth re-watching.

Deviant Ollam – Optical Decoding of Keys

  • A very scary presentation showing how to duplicate a physical key based on only a photograph of the key.
  • Step by step demonstration for how anyone can do it with the right tools

Dave Kennedy – Telling stories from the North Pole

  • How to prevent SOC staff from spotting your attacks.
  • SOC picks up thousands of potential attacks, how to make yours blend in with the other false positives.
  • Techniques such as altering the name of your variables/files so that if they are Googled the analyst should come across legit pages for their use.

Mark Baggett – Logs? where we’re going we don’t need logs

  • Guide to the built in logging features of Windows 10.
  • SRUM-DUMP – A tool for looking at the System Resource Utilisation Management Database.
  • ESE2CSV – Command line version of SRUM-DUMP.
  • What to do as a forensics investigator when the client has few or no logs.

Heather Mahalik – When Malware goes mobile, quick detection is critical

  • Talk about malware on mobile devices
  • Growing field so likely to be seeing more of this in the near future
  • Less protected than in-office devices
  • UFED physical analyser – forensics tool for digging into malware on mobile devices

John Hammond – 5 steps to build and lead a team of holly jolly hackers

  • Hints and tips for building a successful team of penetration testers and security researchers
  • Advice such as using practical lessons for most of the training, taking part in CTFs, gamifying learning as much as possible.
  • Keep track of what staff have learned and share with other team members

Lesley Carhart – over 90,000: Ups and Downs of my infosec twitter journey

  • Advice on the use of social media for members of the cyber security community
  • Most of the advice applies to any user of cyber security who has a following consisting of more than just friends and family
  • Lesley has over 100,000 twitter followers so her talk is backed by lots of experience

Soundtrack

Last year the soundtrack from the CTF was so popular that this year’s has been made available for download here:

Tunes to hack to!!!