Friday, September 26, 2014

Web Hacking 101 - 9/26/2014 Meeting

This Friday our meeting will cover the basics of Web hacking so you get a good intro on the basic vulnerabilities typically found in websites, and how to leverage them to your advantage so you can do fun stuff ;)


Please register an account on https://www.hackthissite.org/ before the meeting as we’ll be using this wargame to get you guys rolling. I don’t know how long account verification emails may take some people, so we’re sending this out now so you have some time to make an account. Feel free to start playing before the meeting if you’re feeling eager!

We’ll be back in our normal place this week!

WHEN: 5pm Friday, September 26th
WHERE: DCC 318 

As usual, bring a laptop and your charger!

Thursday, September 18, 2014

CSAW CTF 2014! - 9/19/2014 Meeting


This weekend is the qualification round for CSAW CTF 2014 (https://ctf.isis.poly.edu/) This is arguably our most important competition of the year and is also our first so there isn’t a better time to come try out a real CTF. You’ll get to test yourself against hundreds of other teams from around the world.


WE WILL NOT BE MEETING IN DCC ON FRIDAY!!
PLEASE NOTE THE DIFFERENT TIME & LOCATION FOR THIS EVENT!

WHEN: 5:30PM, Friday September 19th
WHERE: Sage Labs 4101

We will be playing right here from campus as the entire CTF is online. It starts 6PM Friday and lasts for 48 hours, ending Sunday at 6PM. We will provide the team login credentials at the event.

There will be at least a few of us that will be hacking through most of our waking hours this weekend, so we’d suggest getting lots of sleep and getting your work done prior to Friday/Saturday/Sunday if you plan to invest a lot of time in playing.

Bring your laptop & charger at the very least!

Friday, September 12, 2014

Fairgame Solutions & CTFs - 09/12/2014 Meeting

It's been about two weeks since we launched Fairgame CTF (http://fairgame.rpis.ec), and at the meeting this Friday we’ll go over some of those challenges you couldn't quite crack. Go to this link and vote on what challenges you want us to go over this Friday:


Fairgame should have given you a good idea what to expect from a typical CTF, and we’ll be playing in our first major CTF (CSAW Quals) for the year NEXT weekend! CTFs are a big part of what this club does, and the more of you that come hang out and hack with us, the better it’ll be.

Top 15 players of 175+

The meeting this week will be at the same time and place as the past few weeks.

WHERE: DCC 318
WHEN: 5-7pm Friday, September 12th

Friday, September 5, 2014

Intro to Reverse Engineering - 09/05/2014 Meeting

This week's meeting is in DCC 318 from 5PM-7PM on Friday September 5th.

Reverse engineering is the gateway to many things security oriented, this is every hackers' starter class. We will learn the basics of tools like debuggers and disassemblers and how to use those tools to defeat crackmes or any sort of closed source software. In essence, we are learning the basics of software cracking.

1) Virtual Box 4.3.12 :
https://www.virtualbox.org/wiki/Download_Old_Builds_4_3

2) Malware Analyst Virtual Machine: 
http://ark.rpis.ec/Meetings/09-05-2014_ReverseEngineering/MalwareAnalyst_1.ova
md5:500333e97649228e92b0187a468f2cfc 

(VM Only accessible on campus)

The second file is 12GB Virtual Machine. Give yourself plenty of time to download it. You will not be able to download it during the class. After downloading it, open Virtual Box, and go to File->Import Appliance. Now you're ready to crack software.

This Virtual Machine contains all of the software and challenges necessary for the class and will serve as a basis for several future classes too.

If you cannot download the file in time. We will be in DCC 318 at 4PM with USB drives that contain the Virtual Machine. We have only a few USB drives, so try to download it before the class. The class will begin at 5PM.

Hacking is not a spectator sport. Bring your laptop fully charged and ready to go!