Friday, October 17, 2008

10/16 Meeting nmap

At this meeting Mark Lester gave a brief presentation on nmap and set up a challenge to help better understand when nmap is useful.
The challenge was to find the secret message on a network. Here is how the challenge was solved.
First, log in to the network with the account provided. From there you can use nmap to scan the rest of the network. Since one does not know how the network is laid out, one must first figure out the layout:

ifconfig

brings back all the network info. From that you can tell that the network is a class C network on the IP range of 192.168.1.0-255.

From there you need to find out which of these IPs are active, so this is where nmap comes in. There are many ways to map out a network with nmap; I used

nmap -v -A -T5 192.168.1.0/24

From this you will get back a list of computers and the services that are running on them.
From there you look for interesting ports.
Looking through this list, one can see that there is a port on 192.168.1.110 numbered 31415, which are the first 5 digits of pi. This seems interesting, so I want to see what will happen if I make a connection with it. This is where netcat comes into play:

nc 192.168.1.110 31415

Eureka! The port responds with
my notes
Phoenix
user:secret
password: Ifoundthepassword

So this obviously looks like someone's notes for getting into an account. We know the credentials, and now we need to know which computer the credentials are good for. My bet would be a computer that relates to Phoenix somehow. Looking back at the nmap output, we get another Eureka: Phoenix is the hostname of computer 192.168.1.117, so let's try sshing into it.

ssh secret@192.168.1.117

And we're in. Using a simple ls, we see there is a message labeled
Congratulation.message
Running cat on that gets you the secret message.
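
The "look for interesting ports" step above, scripted from the side of whoever runs the network: this is an added example, not part of the original write-up. It assumes the scan was saved in nmap's grepable format (-oG); the sample lines and the EXPECTED_PORTS allowlist are constructed for illustration.

```python
import re

# Constructed sample of grepable (-oG) output, using the hosts from this write-up.
SAMPLE_OG = """\
# Nmap scan initiated (constructed sample)
Host: 192.168.1.110 ()\tStatus: Up
Host: 192.168.1.110 ()\tPorts: 22/open/tcp//ssh///, 31415/open/tcp//unknown///
Host: 192.168.1.117 (Phoenix)\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///
"""

# Assumption: the ports this network is expected to expose.
EXPECTED_PORTS = {22, 80, 443}
HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)\tPorts: (.*)$")

def parse_grepable(text):
    """Return {ip: {"hostname": str, "open": [(port, proto, service), ...]}}."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port data
        ip, hostname, ports_field = m.groups()
        ports_field = ports_field.split("\t")[0]  # drop "Ignored State: ..." etc.
        entry = hosts.setdefault(ip, {"hostname": hostname, "open": []})
        for item in ports_field.split(","):
            # Each item is port/state/protocol/owner/service/rpcinfo/version/
            fields = item.strip().split("/")
            if len(fields) < 5 or fields[1] != "open":
                continue
            entry["open"].append((int(fields[0]), fields[2], fields[4] or "unknown"))
    return hosts

def unexpected_listeners(hosts, expected=EXPECTED_PORTS):
    """List (ip, hostname, port, service) for open ports outside the expected set."""
    return sorted(
        (ip, info["hostname"], port, service)
        for ip, info in hosts.items()
        for port, _proto, service in info["open"]
        if port not in expected
    )

def find_host(hosts, name):
    """Return the IPs whose reported hostname matches name (case-insensitive)."""
    return [ip for ip, info in hosts.items() if info["hostname"].lower() == name.lower()]

if __name__ == "__main__":
    parsed = parse_grepable(SAMPLE_OG)
    for ip, hostname, port, service in unexpected_listeners(parsed):
        print(f"{ip} ({hostname or 'no name'}): unexpected open port {port} ({service})")
    print("Phoenix ->", find_host(parsed, "Phoenix"))
```

Run against a saved scan of your own network, the same allowlist check surfaces stray listeners like the one on 31415 before someone else stumbles onto them.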

Thursday, October 9, 2008

10/10 Meeting

Today we went over a couple of levels in the Narnia wargame.

Level 1
  • Basic buffer overflows
  • Endianness
  • Keeping a Shell Open
Level 2
  • Shellcode
  • Environment Variables
In addition, we talked about a potential CTF in December and that our team needs as much help as we can get. Here are some categories members can specialize in:
  • Understanding code quickly in Perl, Python, PHP, Java
  • Snort skills - making rules to help identify and block bad traffic
  • Wireshark/TCPDump skills - understanding data and giving insight to the rest of the team on what other teams are doing and what they are trying to exploit
  • Unix administration skills -
      • using aide and other intrusion detection tools
      • etc
If you're interested, post in the comments which ones you're interested in, and we will try to set up specialty groups so they can get good at the individual areas.

Friday, October 3, 2008

10/2 Meeting Review

This meeting we went through the basic levels on http://www.hackthissite.org/

Some of the topics the levels went over are:
  • understanding html
  • how post and get work
  • a bit on how cookies work
  • remotely executing server commands
  • reversing simple encryption schemes
  • server side includes
  • directory traversal exploitation
If you couldn't make the meeting or didn't finish the levels, try looking through the sit wiki for info on the levels, or just post a message on the sit list; someone is bound to help.