Difference between revisions of "Episode337"

From Security Weekly Wiki
 
(14 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
{{Advertisements}}
 
{{Advertisements}}
  
= Episode Media =  
+
= Episode Media =
  
 +
<center>{{#ev:youtube|AnzTngDGL6o}}</center>
  
 +
[http://traffic.libsyn.com/pauldotcom/PaulDotCom-337.mp3 MP3]
  
 
= Announcements =
 
= Announcements =
  
PaulDotCom Security Weekly - Episode 337 for Thursday July 2nd, 2013
+
Security Weekly - Episode 337 for Tuesday July 2nd, 2013
  
* The Hills have IPs!!  Defensive Intuition (the Consulting arm of PaulDotCom Enterprises) and Black Hills Information Security have joined forces to offer all your training, Active Defense and pen test needs! Visit [http://www.blackhillsinfosec.com www.blackhillsinfosec.com] for more information.
+
* The Hills have IPs!!  Defensive Intuition (the Consulting arm of Security Weekly Enterprises) and Black Hills Information Security have joined forces to offer all your training, Active Defense and pen test needs! Visit [http://www.blackhillsinfosec.com www.blackhillsinfosec.com] for more information.
  
 
* Register at Blackhat USA Las Vegas! [https://www.blackhat.com/us-13/training/offensive-countermeasures-the-art-of-active-defenses.html Offensive Countermeasures: The Art Of Active Defense] July 27-28 & 29-30.
 
* Register at Blackhat USA Las Vegas! [https://www.blackhat.com/us-13/training/offensive-countermeasures-the-art-of-active-defenses.html Offensive Countermeasures: The Art Of Active Defense] July 27-28 & 29-30.
Line 20: Line 22:
  
 
= Interview: Matt Bergin of Core Impact =
 
= Interview: Matt Bergin of Core Impact =
 +
 +
  
 
Biography:
 
Biography:
  
Matt "Level" Bergin, age twenty four, works for CORE Security as a Senior Security Consultant where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their client’s network environments. Matt has led his team in over a hundred engagements and conducted training and workshop sessions for organizations all over the world. Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP Heap Overflow.
+
Matt "Level" Bergin, age twenty four, works for CORE Security as a Senior Security Consultant where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their client’s network environments.   Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP Heap Overflow.
  
 
Interview Questions:
 
Interview Questions:
Line 29: Line 33:
 
#What is kfuzz, and what does it do?
 
#What is kfuzz, and what does it do?
 
#What would be a good application of kfuzz? any examples in the wild?
 
#What would be a good application of kfuzz? any examples in the wild?
 
+
#Tell us about what else you are presenting at Black Hat.
 
 
 
 
  
  
Line 43: Line 45:
 
= Tech Segment: Kati Rodzon & Mike Murray of MAD Security on Social Engineering War Stories =
 
= Tech Segment: Kati Rodzon & Mike Murray of MAD Security on Social Engineering War Stories =
  
 
+
 
==Social Engineering War Stories==
 
==Social Engineering War Stories==
  
 
=About=
 
=About=
  
Social engineering is the art of coercing -let face it manipulating- someone into giving you information, allowing you access, or doing something for you. It's basically the art of behavior modification and moment-to-moment training.  
+
Social engineering is the art of coercing -let face it manipulating- someone into giving you information, allowing you access, or doing something for you. It's basically the art of behavior modification and moment-to-moment training.
  
 
=How=
 
=How=
Line 62: Line 64:
 
== Announcement ==
 
== Announcement ==
  
* We are in the process of archiving and cataloging our technical segments, please visit the [http://pauldotcom.com/wiki/index.php/TechSegments PaulDotCom Technical Library] and we indexed all of the [http://pauldotcom.com/wiki/index.php/Interviews interviews we have conducted]. Also, please follow us on Google+ [https://plus.google.com/communities/104303121236769636115 The PaulDotCom Google+ Community], [https://plus.google.com/106764787434811009569/posts The PaulDotCom Google+ Page] and [https://plus.google.com/108998557249071696489/posts Paul's Google+ Page].
+
* We are in the process of archiving and cataloging our technical segments, please visit the [http://securityweekly.com/wiki/index.php/TechSegments Security Weekly Technical Library] and we indexed all of the [http://securityweekly.com/wiki/index.php/Interviews interviews we have conducted]. Also, please follow us on Google+ [https://plus.google.com/communities/104303121236769636115 The Security Weekly Google+ Community], [https://plus.google.com/106764787434811009569/posts The Security Weekly Google+ Page] and [https://plus.google.com/108998557249071696489/posts Paul's Google+ Page].
  
 
* [http://www.sans.org/instructors/lawrence-pesce Larry teaching SANS SEC617] all over and coming to a city near you in 2013. Sign up for NS2013 in Vegas. or my [http://www.sans.org/vlive/details/29945 vLive class this summer (6/24-8/14)] and get a free MacBook Air, Toshiba Ultrabook, or an $850 discount (use the codes here: http://www.sans.org/vlive/specials).  Larry will also be teaching SEC575 (Mobile pentesting) at CyberCon later this year.
 
* [http://www.sans.org/instructors/lawrence-pesce Larry teaching SANS SEC617] all over and coming to a city near you in 2013. Sign up for NS2013 in Vegas. or my [http://www.sans.org/vlive/details/29945 vLive class this summer (6/24-8/14)] and get a free MacBook Air, Toshiba Ultrabook, or an $850 discount (use the codes here: http://www.sans.org/vlive/specials).  Larry will also be teaching SEC575 (Mobile pentesting) at CyberCon later this year.
Line 71: Line 73:
  
 
== Paul's Stories ==
 
== Paul's Stories ==
 +
 
<li><a href="http://packetstormsecurity.com/files/122169/sctp_reverse.py.txt">SCTP Reverse Shell</a></li>
 
<li><a href="http://packetstormsecurity.com/files/122169/sctp_reverse.py.txt">SCTP Reverse Shell</a></li>
<li><a href="http://securityspread.com/2013/07/01/modem-secure/?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+SecurityBloggersNetwork+%28Security+Bloggers+Network%29">Is your modem secure? | Security Spread</a></li>
+
<li><a href="http://blog.whitehatsec.com/blind-sql-injection-what-is-it-good-for/">Blind SQL Injection &ndash; What is it Good For? | WhiteHat Security Blog</a></li>
+
<li><a href="http://securityspread.com/2013/07/01/modem-secure/?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+SecurityBloggersNetwork+%28Security+Bloggers+Network%29">Is your modem secure? | Security Spread</a></li>
<li><a href="https://isc.sans.edu/diary/HP+iLO3iLO4+Remote+Unauthorized+Access+with+Single-Sign-On/16034">ISC Diary | HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On</a></li>
+
<li><a href="http://blog.beefproject.com/2013/06/cross-domain-communication-with-jsp.html">BeEF - The Browser Exploitation Framework Blog: Cross-domain communication with a JSP shell from a browser hooked with BeEF</a></li>
+
<li><a href="http://blog.whitehatsec.com/blind-sql-injection-what-is-it-good-for/">Blind SQL Injection &ndash; What is it Good For? | WhiteHat Security Blog</a></li>
<li><a href="http://blog.spiderlabs.com/2013/06/the-problem-with-networks-.html">The Problem With Networks ..... - SpiderLabs Anterior</a></li>
+
<li><a href="http://www.networkworld.com/news/2013/070113-two-malware-programs-help-each-271419.html?source=nww_rss">Two malware programs help each other stay on computers</a></li>
+
<li><a href="https://isc.sans.edu/diary/HP+iLO3iLO4+Remote+Unauthorized+Access+with+Single-Sign-On/16034">ISC Diary | HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On</a></li>
<li><a href="http://news.hitb.org/content/mit-researchers-can-see-through-walls-using-wi-vi">MIT researchers can see through walls using 'Wi-Vi'</a></li>
+
<li><a href="http://news.hitb.org/content/hackers-africa-are-building-their-own-aircraft">Hackers in Africa are building their own aircraft</a></li>
+
<li><a href="http://blog.beefproject.com/2013/06/cross-domain-communication-with-jsp.html">BeEF - The Browser Exploitation Framework Blog: Cross-domain communication with a JSP shell from a browser hooked with BeEF</a></li>
  
<li><a href="http://www.darkreading.com/vulnerability/3-stupid-corporation-tricks/240157563">3 Stupid Corporation Tricks</a></li>
+
<li><a href="http://blog.spiderlabs.com/2013/06/the-problem-with-networks-.html">The Problem With Networks ..... - SpiderLabs Anterior</a></li>
 +
 
 +
<li><a href="http://www.networkworld.com/news/2013/070113-two-malware-programs-help-each-271419.html?source=nww_rss">Two malware programs help each other stay on computers</a></li>
 +
 +
<li><a href="http://news.hitb.org/content/mit-researchers-can-see-through-walls-using-wi-vi">MIT researchers can see through walls using 'Wi-Vi'</a></li>
 +
 +
<li><a href="http://news.hitb.org/content/hackers-africa-are-building-their-own-aircraft">Hackers in Africa are building their own aircraft</a></li>
 +
 +
<li><a href="http://www.darkreading.com/vulnerability/3-stupid-corporation-tricks/240157563">3 Stupid Corporation Tricks</a></li>
  
 
==Larry’s Stories==
 
==Larry’s Stories==
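Review bot: The story entries in this hunk are still written as raw HTML (`<li><a href="...">...</a></li>`). MediaWiki does not accept `<a>` tags by default, so the markup is shown to readers as literal text instead of a clickable link. Suggest converting each entry to the external-link syntax used elsewhere on this page, for example `* [http://packetstormsecurity.com/files/122169/sctp_reverse.py.txt SCTP Reverse Shell]`. While touching these lines, the `utm_source`/`utm_medium`/`utm_campaign` parameters on the securityspread.com URL and the `?source=nww_rss` suffix on the networkworld.com URL are feed tracking residue and can be dropped.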
Line 87: Line 98:
  
 
==Jack’s Stories==
 
==Jack’s Stories==
 +
 +
#[https://blog.bit9.com/2013/06/29/has-google-finally-closed-the-android-orphanage/?utm_source=BLOG-has-google-finally-closed-the-android-orphanage-6.30.2013&utm_medium=Twitter&utm_campaign=Social+Media Android security is starting to suck less]
 +
 +
#[http://www.darkreading.com/attacks-breaches/bulgarian-national-charged-in-largest-id/240157611 The Shadowcrew forum was taken down in 2004] but the search for the people behind it didn't stop there. Aleksi Kolarov has finally been extradited to the US and was arraigned in Newark yesterday.
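Review bot: The two `#` list items under Jack's Stories appear to be separated by an added blank line. In MediaWiki a blank line ends a numbered list, so each item starts a new list at 1 instead of continuing as 1 and 2. Suggest placing the two `#` lines on consecutive lines. The blog.bit9.com link also carries `utm_source`, `utm_medium` and `utm_campaign` tracking parameters that can be removed from the URL.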
  
  

Latest revision as of 19:57, 24 May 2017


Episode Media

MP3

Announcements

Security Weekly - Episode 337 for Tuesday July 2nd, 2013

  • The Hills have IPs!! Defensive Intuition (the Consulting arm of Security Weekly Enterprises) and Black Hills Information Security have joined forces to offer all your training, Active Defense and pen test needs! Visit www.blackhillsinfosec.com for more information.
  • We are looking for sponsors for monthly webcasts in conjunction with SANS - contact paul -at- hacknaked.tv for details!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Sunday nights at 8:30PM EST. Come have a cigar with us! If you are in the Rhode Island area please visit our sponsor the Havana Cigar Club, it's an awesome place to have a drink! Make sure you print out your $5.00 off coupon here!
  • BSides RI recap and wrap-up. We are already actively working on next year, we're looking for sponsors and volunteers, and we have a web site! http://bsidesri.org

Interview: Matt Bergin of Core Impact

Biography:

Matt "Level" Bergin, age twenty four, works for CORE Security as a Senior Security Consultant where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their client’s network environments. Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP Heap Overflow.

Interview Questions:

  1. What is kfuzz, and what does it do?
  2. What would be a good application of kfuzz? Any examples in the wild?
  3. Tell us about what else you are presenting at Black Hat.


Five Questions:

  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. In a game of ass grabby-grabby do you prefer to go first or second?
  4. If you wrote a book about yourself, what would the title be?
  5. Stranded on a desert island, which tablet would you bring with you if you could choose only one: Android, iPad or Surface?

Tech Segment: Kati Rodzon & Mike Murray of MAD Security on Social Engineering War Stories

Social Engineering War Stories

About

Social engineering is the art of coercing -let's face it, manipulating- someone into giving you information, allowing you access, or doing something for you. It's basically the art of behavior modification and moment-to-moment training.

How

Fresh off of a physical penetration test for a major company, Michael and Kati will talk about the psychological techniques that do and do not work. When is it time to blend in? When is it time to stand out? What patterns of behavior can be used to your advantage?

References

Many of the techniques talked about are taken from basic social psychology as well as behavior analysis and modification theory. Even though these topics are traditionally small scale, Michael and Kati will discuss how they are applied on a larger scale in a pentest.


Announcement

Stories

Paul's Stories

  • SCTP Reverse Shell (http://packetstormsecurity.com/files/122169/sctp_reverse.py.txt)
  • Is your modem secure? | Security Spread (http://securityspread.com/2013/07/01/modem-secure/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SecurityBloggersNetwork+%28Security+Bloggers+Network%29)
  • Blind SQL Injection – What is it Good For? | WhiteHat Security Blog (http://blog.whitehatsec.com/blind-sql-injection-what-is-it-good-for/)
  • ISC Diary | HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On (https://isc.sans.edu/diary/HP+iLO3iLO4+Remote+Unauthorized+Access+with+Single-Sign-On/16034)
  • BeEF - The Browser Exploitation Framework Blog: Cross-domain communication with a JSP shell from a browser hooked with BeEF (http://blog.beefproject.com/2013/06/cross-domain-communication-with-jsp.html)
  • The Problem With Networks ..... - SpiderLabs Anterior (http://blog.spiderlabs.com/2013/06/the-problem-with-networks-.html)
  • Two malware programs help each other stay on computers (http://www.networkworld.com/news/2013/070113-two-malware-programs-help-each-271419.html?source=nww_rss)
  • MIT researchers can see through walls using 'Wi-Vi' (http://news.hitb.org/content/mit-researchers-can-see-through-walls-using-wi-vi)
  • Hackers in Africa are building their own aircraft (http://news.hitb.org/content/hackers-africa-are-building-their-own-aircraft)
  • 3 Stupid Corporation Tricks (http://www.darkreading.com/vulnerability/3-stupid-corporation-tricks/240157563)

Larry’s Stories

Jack’s Stories

  1. Android security is starting to suck less
  2. The Shadowcrew forum was taken down in 2004 but the search for the people behind it didn't stop there. Aleksi Kolarov has finally been extradited to the US and was arraigned in Newark yesterday.

Allison's Stories

Patrick's Stories