1 of 66

Hack@UCF

Collegiate Cyber Defense Club

IRC: irc.freenode.net #hackucf, Slack: hackersofucf.slack.com

Slides by

Alec Coder

2 of 66

Today’s Topics

  • Announcements
  • Current Events
  • Tool Time
  • Featured Content
  • Closing

3 of 66

Stay informed!

  • Join our mailing list
  • Join the CECS Slack
    • https://hackersofucf.slack.com/
    • Knights mail required
    • Once registered, chat with us in the #hackucf channel
  • Twitter: @HackUCF
  • Facebook

4 of 66

Mentorship

  • Mentorship program is live!
  • Join #hackucf_mentors to see mentor bios, and for updates
  • If you’re interested in being a mentor, dm @dmaria

5 of 66

Dues

  • Dues are $10 for the academic year
  • Required to be an official member of the club
  • You must fill out our membership form before paying dues
  • Make sure you follow the process that is described on https://hackucf.org/blog/join/.
  • Dues paying members can enter our T-shirt design contest to win a drone

6 of 66

Shirts and Membership

Shirts are here!!

7 of 66

CTF Workshop

  • Saturday (2/9/2018)
    • Saudi National CTF
    • Going through past challenge write ups
  • HEC 111
  • All skill levels welcome!
  • Beginners are encouraged!
  • Starts at NOON

8 of 66

Hack the Box University

  • UCF is on Hack the Box now
  • Message @dmaria in slack to be added to the group

9 of 66

CTF Writeups

  • github.com/hackucf/ctfs
  • Read CONTRIBUTING.md
  • Make a Pull Request with your write up!
  • Raffle for $100 for completed, quality writeups
  • Questions? Need Help? #knightsec on Slack, or email pduncan@hackucf.org

10 of 66

Sunrise CTF logo design contest

  • New beginner CTF we’ll be hosting at Knight Hacks
  • Need a new logo
    • Two new logos (one generic and one themed for this year)
      • This year’s theme for Knight Hacks is space
  • Prize: LAN Turtle
  • https://goo.gl/forms/fkGRyK0MptAYc1F33

11 of 66

Operations

  • Come help run the club!
    • Mondays at 6:00 PM in HEC 356
    • Open to anyone

12 of 66

Lockheed Martin Cyber Lab

  • Feb 15th
    • 10:00 AM - 12:00 PM
  • Cyber Security Panel
  • FREE FOOD
  • Guest Speakers
  • RSVP:
  • hackucf.org/labopening

13 of 66

B-Sides Orlando

  • Local security conference
    • Lockpicking village
    • Great talks
    • Workshops
    • Networking opportunity
    • SunshineCTF 2019 hosted by Hack@UCF
  • March 30th, 2019
  • FREE for students
  • Volunteer

14 of 66

Stick Around After!

  • Come chat and get some food with us after the meeting (Gringos Locos Tacos)

15 of 66

16 of 66

Keysteal

  • Vulnerability in Keychain Access on macOS found by Linus Henze
  • Henze refuses to disclose additional information until Apple expands its bug bounty program
  • Doesn’t require administrator privileges, circumvents ACLs

https://9to5mac.com/2019/02/06/mac-keychain-exploit/amp/

17 of 66

Android PNG Vuln

  • Remote Code Execution via maliciously crafted PNG files
  • No specific details released yet

https://source.android.com/security/bulletin/2019-02-01.html

18 of 66

Australian Govt Hacked

  • Everyone with an Australian Parliament House email address was affected, including politicians and all of their staff.
  • DPS said there is no evidence to suggest data has been taken or accessed, but it will be continuing investigations into the incident.
  • AU Govt’s networks have been the subject of 1,097 cyber incidents.

https://source.android.com/security/bulletin/2019-02-01.html

19 of 66

Google Cooperating with Russian Censors

  • Google has removed 70% of the sites that Russia’s censorship agency (Roskomnadzor) has requested
  • MASSIVE £8,100 fine for not cooperating
  • "We're committed to enabling access to information for the benefit of our users in Russia and around the world,"

https://www.theinquirer.net/inquirer/news/3070725/google-search-censored-russia

20 of 66

Researchers Encode Malware in a Strand of DNA

“The result, finally, was a piece of attack software that could survive the translation from physical DNA to the digital format, known as FASTQ, that's used to store the DNA sequence. And when that FASTQ file is compressed with a common compression program known as fqzcomp—FASTQ files are often compressed because they can stretch to gigabytes of text—it hacks that compression software with its buffer overflow exploit, breaking out of the program and into the memory of the computer running the software to run its own arbitrary commands.”

CTF challenge coming soon

https://www.wired.com/story/malware-dna-hack/

21 of 66

Tool Time is back!

This week we will be going over…

VMware Workstation & VMware Fusion

22 of 66

VMware

  • What is VMware?
    • A hypervisor! Virtualization software that can emulate hardware and create/manage virtual machines
    • Virtual machines are an emulation of specific hardware and/or OS

23 of 66

There are tons of hypervisors!!

  • Hosted
    • VMware (Workstation, Player, Fusion), VirtualBox, KVM
  • Native
    • Xen, VMware ESX, Hyper-V
  • “Containerization”
    • Docker (new hip lightweight virtualizer)

UCF STUDENTS CAN GET VMWARE Workstation FOR FREE!!!!

https://e5.onthehub.com/WebStore/Welcome.aspx?vsro=8&ws=48858CBA-C19B-E011-969D-0030487D8897

24 of 66

Features

  • Run multiple different operating systems on a single host!
  • Create safer and more secure servers
  • Create labs with isolated networks
    • Implement network protocols, practice pentesting, do malware analysis
  • Share folders and files from your host to the guest
  • Test software

25 of 66

Get the triangular foods!

Line up down the left aisle

Sponsored by:

26 of 66

Labs

(Lessons Learned and other cool stuff)

27 of 66

Who am I?

Someone please tell me, I am very lost

28 of 66

A human, more accurately a Homo-Sapien

Called Peyton

  • @helithumper on twitter & slack
  • Lab Mgr / QA Engineer @ ItWercs
  • Lab Engineer @ IBM MSS
  • Lab Manager for HackUCF / CCDC

29 of 66

A note on my skill

I am by no means an expert in most of the things I will be talking about today.

If you believe something is incorrect or not fully true, please don’t grill me on it. You may be correct.

30 of 66

What is a Lab?

And Why should I have one?

31 of 66

32 of 66

But really, What is a lab?

A lab is a dedicated environment for learning. It is somewhere you can test new and existing technology without affecting other systems.

33 of 66

YOU AREN’T SUPPOSED TO ALWAYS SUCCEED

That’s the point!

34 of 66

If so, then how can I learn

“It's fine to celebrate success but it is more important to heed the lessons of failure.” - Bill Gates

35 of 66

36 of 66

What do I need to put in a lab?

Hardware isn’t everything

37 of 66

NOTE

  • None of this is absolutely necessary
  • Hardware will depend on what you are testing
  • Never treat hardware as a limiting factor
  • Get Witty!

38 of 66

What you think you need

39 of 66

What is Recommended

40 of 66

When you want a step up

41 of 66

Virtualization?

  • Snapshots!
  • Virtualized Networking
  • Cost Effective!
  • Hypervisors used IN PRODUCTION

42 of 66

Here’s the secret for how to do things for cheap

SHH. It’s a secret

43 of 66

44 of 66

45 of 66

The Un-Demo

How to get discounts & beginner’s tips

46 of 66

p3.8xlarge

32 vCPUs

244 GiB of RAM

$12.24 per Hour

47 of 66

Organization

Keep it clean and it’ll last longer

48 of 66

IPAM

  • Keep track of what you are running
  • Ensure no IP Conflicts

49 of 66

Updates

  • Tools exist to help with this (Should test some of them in the lab)
  • See if updates will break stuff
  • Unless you want them to be out of date...

50 of 66

Identity Management

  • Keep Users organized
  • Don’t lose credentials

51 of 66

Documentation

  • Keep logs of what you do and how you fixed it.

52 of 66

Remote Access

  • OpenVPN
  • Wireguard
  • RDP
  • Multiple Backdoors

53 of 66

Keep Backups and Snapshots

54 of 66

What can you learn

Cool stuff and Demos!

55 of 66

VMware ESXi Management

  • How to break a vCenter Cluster….
    • Repeatedly….
    • Accidentally….
    • Purposefully....

56 of 66

Windows Server Stuff!

  • AD Domains
  • DNS
  • DHCP
  • IIS

57 of 66

Websites

  • NGINX
  • Traefik
  • Apache

58 of 66

Databases

  • MySQL
  • MSSQL
  • MongoDB
  • Aerospike

59 of 66

60 of 66

Obscure and Old Stuff

  • Plan9
  • MPLS Circuits
    • Multiprotocol Label Switching

61 of 66

Networking

  • VyOS
  • Learn why you shouldn’t use pfSense in production
  • IDS / IPS
  • iptables

62 of 66

Docker

  • Containerization
  • What do containers do?
  • How to properly prepare containers?

63 of 66

Scale

  • Kubernetes
  • Networking at Scale
  • Policy Deployment
  • Tool Development

64 of 66

Ansible

  • Mass Deployment
  • State-based Scripting
  • Fact Gathering

65 of 66

Ansible Fun

66 of 66

IRC Freenode: #hackucf, Slack: hackersofucf.slack.com

https://hackucf.org

https://www.facebook.com/HackUCF

Thank you!

feedback.hackucf.org