Saturday, 5 November 2011

Week8

Security Randomness

DLL Preloading AKA DLL Hijacking, we talked about the steps on how to do an exploit:

-Create 'Evil Twin' of DLL
-Place DLL with binary
-Execute binary

Could load from a remote location (WebDav, SMB Share), but microsoft released KB2264107 which prevents DLLs from loading from remote locations

We also looked at a very useful tool called Firesheep. Its a firefox extension SideJacking, Harvests credentials for twitter, google, facebook, flickr.

Also talked about Pass-the-Hash.

Sunday, 30 October 2011

Week6

loooooong Lecture... but very interesting..

We did a live example on how to use Immunity debugger for the lab on how to find g1 and g2...

Also how to use and interpret Process Monitor, a very useful tool specially when analyzing malware.

Week7

Web Application Security

We talked about how webpages changed from static to more dynamic, how desktop apps are able to run on web like google apps for example and how this impact in security. More apps, more codes that need to be run, which means more vulnerability and of course, exploits.

We also covered Cross Site Scripting (XSS) the ability to inject JavaScript into a page and also SQL Injection (BAD).

Also we had a very interesting discussion about how important is web security and should be worry.

Monday, 10 October 2011

Week4

Reverse Engineering!!! The best topic.


Talked about what reverse engineering is, "Reverse engineering is taking apart an object to see how it works in order to duplicate or enhance the object."


Some Reverse Engineering tools:

IDA Pro, Pydasm, Immunity Debugger, WinDbg, oSppy..



We looked at some of the Resgisters, EAX, EBX, for 32bit, AX, BX, for 16bit, etc. Indexes to data (ESI, EDI).


ESP--> Stack pointer (top stack)
EBP--> base pointer
EIP--> Instruction pointer


Some basic Assably codes: JMP (jump), ADD, MOV, SUB and of course, NOP (for the extra cycles needed)


For the lab, (this has been one of the coolests labs ever) Cracking a password!


Trying to figure out g1 and g2...

Sunday, 9 October 2011

Week3

Week 3. my favorite class for now. We learned about a new programming language created in 1989 by Guido Van Rossum. One of the most popular programming languages in security tools today.

Python:

Different Data types: Strings (""), Integers (Numbers), Lists, Dictionaries(key:value), Tuples.

With Python you can also create While and For loops to repeat set of codes until a condition is met.

In our class we analyze some basic codes to be able to open a connection with a web server, send and recieve data and close the connection when done.

This is the code:


import socket
#creates a socket -- AF_INET means IPv4, SOCK_STREAM means TCP
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#IP Address to connect to -- Enter Linux VM IP here
IP = ‘freeshell.org'
PORT = 22 #We'll look at the default SSH port
connect = (IP, PORT) #socket connection requires a tuple of IP, PORT
s.connect(connect) #establish a connection
data = s.recv(4096) #Recieve Data -- up to 4K
print data
s.send('SSH-2.0-CLASSROOM-TEST\x0a') #send data
data = s.recv(4096)
print data
s.close() #close the connection)  "







For our lab we created a Python program to be able to talk to an HTTP server and print specific HTTP Headers