Monday, April 29, 2013

Ethical Hacking Challenges

Each spring I take part in a ethical hacking LAN party called WisCon. You can get more information at http://wiscon.org. Wiscon is a network intrusion party that happens once a year in Appleton, Wisconsin. This is a party for people who are interested in computer security. It's a fun time to get together with friends and learn something new about computer security. I have decided to open source the challenges and make some videos demoing how they work.

Capture the Flag


In this challenge there are four teams fighting to gain control of a remote server. The scoreboard will track who has current control and each team will gain points the longer they hold control.





Word Sniffing Challenge


In this challenge the program will spew tons of network traffic repeating different words. People will need to use a packet sniffer and try to find each word in the network trafic to build a sentence. 
Source: https://github.com/JosephWetzel/NetworkBroadcast




Online Shopping Challenge



In this challenge the program will surf the web while randomly ordering items online. After identifying the traffic going to the merchant account you will then be able to locate the users confidential transaction information.




The HiJack Control Challenge


In this challenge you will need to take advantage of an installed application. Using a packet sniffer and a replay attack you will be able to force someones browser to navigate to a non-requested site.





Friday, February 1, 2013

Handy iPhone Video Tool

Lately I have been making videos demoing how my mobile applications work and uploading them to YouTube. I recently found a very cool free utility that turns your mouse cursor into a realistic looking human hand. This OSX application you run before starting to record your xCode emulator. It has some pretty cool features like you can smudge the screen after touching. It gives the video a polished feel over just the traditional cursor. It's a cool little free app and makes the videos look more professional.

URL:Cnet

Thursday, January 31, 2013

Crontab Value Generator

I recently found a very nice website that helps generate crontab settings. For those of you that are not familiar with crontab it is a service that runs in the background on Linux machines and will fire off scheduled tasks at specific times. Personally I use this on my TiVo to schedule certain tasks I want to run on certain times and days of the week. Unfortunately I don't work with crontab enough and I quickly forget the file format and which values need to be replaced. This website helps you generate the specific value to insert in the crontab file by answering some simple questions. The website is very useful and easy-to-use. You will want to check it out if you ever need to update your crontab file.

URL: http://www.corntab.com/pages/crontab-gui