Hack@UCF

Collegiate Cyber Defense Club

irc.freenode.net #hackucf Slack hackersofucf.slack.com

Slides by

Alec Coder

Ethics Form

  • Everyone in the room must do this
    • Get it
    • Sign it
    • Pass it down!
  • tl;dr
    • Don’t hack UCF without explicit permission from the right people
    • If you fork it up, we throw you under the bus

Today’s Topics

  • Club Information
  • 4 Lightning Talks
  • Microsoft
  • Closing

Stay informed!

  • Join our mailing list
  • Join the CECS Slack
    • https://hackersofucf.slack.com/
    • Knights mail required
    • Once registered, chat with us in the #hackucf channel
  • Twitter: @HackUCF
  • Facebook

What is Hack@UCF?

Who is Hack@UCF?

Executive officers

  • President - David Maria
  • Vice President - Charlton Trezevant
  • Secretary - Lauryn Landkrohn
  • Treasurer - Nathan Dolorfino

Operational staff (ops)

  • Public relations, content for meetings/workshops, infrastructure

Membership

$10 per academic year (Fall-Summer)

  • Free pizza/drinks during CTFs
  • Get this year’s shirt (sponsors permitting)
  • Vote in elections
  • Help the club do great things!

Sign up online at: https://hackucf.org/join/

Join The Club

  • https://hackucf.org/blog/join/
  • Need to be enrolled as a student
  • Step 1: Membership survey
  • Step 2: KnightConnect
  • Step 3: Pay dues
    • $10 for the entire academic year (until next August)

Knightsec

  • We play Capture the Flag (and sometimes win)
  • Come to practice
    • 12:00 PM to 4:00 PM Sundays, HEC 117
    • Start this Sunday, September 2nd
    • Open to all
  • Practice with us
    • ctf.hackucf.org

Upcoming CTFs

CTF - Date

  • MMA - September 1st
  • InCTF - September 8th
  • CSAW Quals - September 14th

CCDC Team

UCF Collegiate Cyber Defense Competition Team

  • Southeast Regional Champs - 2013, 2014, 2015, 2016, 2018
  • National Champs - 2014, 2015, 2016

We need team members for the Spring 2018 season:

  • Windows Server Admin & Linux Server Admin
  • Cisco & Juniper Network Admin
  • Palo Alto, CheckPoint & pfSense Firewall Admin
  • Business Skills - translate geek speak to business justifications in memos and short business reports
  • Looking for technically inquisitive, self-motivated team players who can identify, research, and teach themselves what they don’t know

Information Session for Fall Training and Tryouts:

Sunday, September 9th, 1:00pm-3:00pm, HEC-125

Collegiate Penetration Testing Competition (CPTC)

CPTC - What, When, Deets

  • CPTC focus statement - “The competition focuses on improving the security posture of a fictitious organization and reporting on risks in a manner that is similar to a real professional environment.”

(Emphasizing the need for organizations to have an offensive security team or program)

  • Regionals: Oct. 5th (10/5) - Oct. 7th (10/7)
  • Nationals: Nov. 2nd (11/2) - Nov. 4th (11/4)
  • Extremely deadline focused, fast paced, technical competition

CPTC - Competition in a nutshell...

Regionals

  • Day 1:
    • 8am - 8pm - Perform penetration test against target company.
  • Report Due @ 7AM (No sleep)
  • Day 2:
    • Report scored, regional winners announced

Nationals

  • Request for Proposal (RFP) doc - (4 weeks before competition start)
  • “Bidders conference call” - (3 weeks before start)
  • Proposal Submission Deadline - (1 week before start)
  • Day 1: Pre-Engagement Meeting
  • Day 2: 8am - 8pm - hack all things (again)
    • Report + Presentation Due @ 7AM (REALLY NO SLEEP)
  • Day 3: Exit Meetings + Presentation to “Leadership Team”

CPTC - “I Want In”

Good

  1. Register for HTB (https://hackthebox.eu)
  2. Message me your HTB username @ msthubin@hackucf.org
  3. Complete the following boxes:
    • Jerry (to get used to the HTB platform) - Extremely Easy
    • Active or Bounty ~ easy/mid (Windows)
      • Full writeup on how you solved (pick one)
    • Canape AND DevOops ~ mid
      • Full writeup on how you solved Canape

Bonus points: Dropzone ~ mid/hard | Tartarsauce ~ upper mid/hard

  4. Stage 1 deliverables due: Monday, September 3rd @ 4:00 PM EST

https://ghostbin.com/paste/87vhw

Stage 2

(Depending on the # of submissions from stage one)

You will be tasked to perform an external penetration test against a fake “company” whose platform is hosted on AWS.

Objective: Gain access to the internal network, compromise the domain controller, and retrieve the contents of “secrets.txt” on the domain administrator’s desktop.

Deliverable: Write up how you did it

Tl;DR/L - What are we looking for?

  • Can you actually hack shit?
  • Can you explain how you did it?
  • Can you explain those risks in the business context?
  • Can you explain how to properly remediate those risks?

(but really, if you have these lets talk pls ...uwu)

  • (STRONG) Web Application Security Skills
  • Network Pentesting Skills (Recon, Pivoting, Vulnerability Identification etc…)
  • Good communication skills & independent thinking
  • Technical writing skills in relation to information security
  • Ability to stay up for over 24 hours & still operate at a high technical level

BONUS POINTS

  • Real world penetration testing experience (see me)
  • OSCP/PTP/GPEN/GXPN (see me)
  • Familiar with/actively participating in VulnHub/HTB-style boot2root challenges

aka *transparency* slide

Resources

Hack the Box (Best free pentesting training/learning platform ever) - https://hackthebox.eu

IppSec (htb retired machine writeups / learn pentesting - youtube) - https://youtube.com/c/ippsec

Hacker101 (Learn all about Web Security) - https://hacker101.com

MITRE ATT&CK - Adversarial Tactics, Techniques, and Common Knowledge - https://attack.mitre.org/wiki/Main_Page

Vulnhub - Boot2Root Challenges - https://vulnhub.com

Enaqx Awesome Pentest (Tons of pentesting resources) - https://github.com/enaqx/awesome-pentest

Lightning Talks

By Lots of people

David

Physsec

Breaking and Entering for (legal) fun and profit!

By Levi

Slack handle @leviathan

The Scenario...

  • You’ve been tasked with a physical security assessment on a small local branch
  • Your goal is to get inside and install malicious devices

Getting in the Front Door

  • Tailgating
  • Pretexting
  • Bypass
  • Picking

Tailgating

Exploiting politeness for physical access

Pretexting

  • Dress the part
  • Call ahead
  • Act like you belong

Bypass

  • Bypassing the lock to open the door
  • RTE Sensors
  • Crash Bars
  • Under Door tools

Picking

  • When nothing else works, pick it
  • Slow, requires practice
  • Quiet, leaves very little trace

The Devices

  • Rubber Ducky
  • Evil AP
  • Hardware Keylogger
  • Pi Dropbox

What can they do?

  • Inject Keystrokes
  • MITM
  • Intercept Keystrokes
  • Network Backdoor

Appsec - Cross-Site Scripting (XSS)

What is XSS?

- “Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.” (source: wikipedia.org)

By Charlton aka cyber jesus

Slack @Charlton

Notable Examples

“Self-retweeting tweet” - XSS vulnerability in TweetDeck (2014)

https://dunnesec.com/category/issues-infosec/tweetdeck-xss-self-retweeting-tweet-with-twitter/

“Samy” worm - XSS in MySpace (2005)

https://en.wikipedia.org/wiki/Samy_(computer_worm)

Demo time!

Steganography (Stego)

  • The practice of concealing a file or message within another file or message.
  • Why does it matter?
    • CTFs
    • Problem Solving
    • Forensics

By David

Slack @dmaria

Demo Time

(It’s easier to show you)

Network Security

Demo:

Win7 -> Click EXE -> Dump Hashes

Hashcat cracking the passwords from Win7

Win10 -> Click .SettingContent-ms file -> webcam_snap, webcam_stream, and record_mic

By Martin

Slack @Martin

Have to be careful of what you install
Have to be careful of what you click on

People can spy on your webcam. Come to Hack@UCF meetings for webcam covers.

Join our slack

Come hang out with us at Pop’s Parlor

Over by the CFE Arena and Towers

Feedback

  • Your feedback is important to us
    • Anonymous
    • Specific meeting or general club feedback

Feedback.hackucf.org

Microsoft

Guest speaker

IRC Freenode: #hackucf, Slack: hackersofucf.slack.com
https://hackucf.org
https://www.facebook.com/HackUCF

Thank you!

08-31-18 - Google Slides