Sunday, July 6, 2014

2014-07-04 Challenge: RFID

With RFID you have low and high frequency "tags" or cards and they aren't all the same. List 2 types for each frequency level and what they are generally used for. Then see if you can find out what types of attacks are viable against the 4 you picked and what specific hardware you might need to attempt those attacks. Provide scenarios.

Thursday, June 12, 2014

2014-06-14 Challenge: Hash Identification

Turning out to be a monthly gig rather than a weekly one. Either way, here is this week's challenge. Identify and crack the following hash:

8acf10020c2688f8149c06ad8143e97b


You should be able to crack it relatively quickly with a bit o' magic.

(UPDATE: Had to change the hash since everyone and their mother got the original one right off the bat)

Wednesday, May 7, 2014

2014-05-05 Challenge: Bad Characters

During exploit development there is the concept of "bad characters". What are they? What are some common "bad characters" when trying to exploit 1) HTTP 2) FTP 3) Programs written in C?



Monday, April 14, 2014

2014-04-14 - Back in the saddle

I apologize for the absence but I've honestly been crazy busy with CCDC (MACCDC prep and execution, and NCCDC prep). It would have been unfair of me to issue challenges without being able to properly respond to them in a timely manner. I do have a few left to answer still. So this week's challenge is going to require a bit more research than normal. The following is a Windows 7 event log of some sort. With it you should be able to tell me the computer name, and exactly what time KB982132 was installed.
(The file is intentionally corrupted)

Download: https://drive.google.com/file/d/0ByiDshWJ_PnZbTR3QTNyYUJVUGM

Monday, March 10, 2014

2014-03-10 challenge

This week's challenge is straightforward. "sc" is a Windows command that shows information about Windows services. Pick any service on a Windows machine and run "sc sdshow " on it (you can use "sc sdshow lanmanserver" if you want). The output of the command is called a "DACL" in "SDDL". Your challenge is to explain in its entirety what that jumble of letters and semicolons means, as well as explaining DACLs and SDDL. Extra Credit: Explain how an attacker can use this information.

Monday, March 3, 2014

2014-03-03

Is it Monday already? Sorry for being tardy on the emails this weekend; I will get to all of them tonight. I was a little busy making RIT students do push-ups in order for me to relinquish control of their domain controllers for ISTS ;-)


See the fun we had here: http://www.reddit.com/r/ISTSRedTeam/

This week's question is:

Describe XML Entity Injection, how it can be found (what indicators may lead you to assuming it's possible on a given app) and what is possible with it?

Monday, February 24, 2014

2014-02-24

First a few FAQs:

  1. I prefer that people email in their answers but a link to a blog post works as well. But I probably won't see them if you post it on social media sites like Facebook or G+.
  2. I won't be posting anything about the answers submitted, to include what the "right" answer is. This isn't trivia; this project is geared towards challenging you to try something out you may not have tried, or learn something you might not have tried to learn. I'm only here to push you further once you have and keep it rolling week by week once you do.

This week's question is:

A number of SCADA and ICS systems use a protocol named "MODBUS". What are some vulnerabilities that are in or involve this protocol? What sort of systems were they attached to? What did they control? Why did the vulnerabilities occur? What does SCADA stand for? What does ICS stand for? Dive as deep as you want on this.