The gamification of pen-testing, and other ideas from Haroon Meer

I missed Haroon’s talk at 44Con last year, and finally watched it online: http://www.youtube.com/watch?v=GvX52HPAfBk

I wasn’t sure about gamification, and had a lot of half-thought out doubts about it, which I was ready to write up on here.  So to firm up my disagreements I watched the talk again… and they all vanished.  I think there’s a lot of good ideas in this talk, with a lot of value; it’s worth forty five minutes of your time.

Everything you need to know about Flame

I’m an incredibly busy person and “time poor”, or easily distracted by all the other interesting things in life that aren’t Information Security, or worn down by trying to “drink from the fire hose” and have given up on trying to be up to date on everything all the time… or all of the above, so it’s rare for me to read about something that doesn’t directly affect me or my customers.  This, however, is an excellent summary of what Flame is capable of, and why it is such an important piece of malware:  http://www.f-secure.com/weblog/archives/00002383.html , “Flame is Lame” by Mikko Hypponen of F-Secure.

Podcast

Just in case you’re not already a listener, do check out the Risky Business podcast – http://risky.biz/netcasts/risky-business – an excellent summary of the week’s news, and an in-depth interview, every week.

While the  “mates drinking on Skype” podcasts along the lines of EuroTrash and PaulDotCom are fun, and occasionally of value, I think Risky Business is the most consistently useful security podcast out there, especially that doesn’t take up a great deal of time.  Can anyone recommend any others?

Solution to wicd problem

Hi,

Just putting this out in the Internet so that when someone faces the same problem that I do this will, hopefully, give them a solution.

You’re using wicd-client to connect to wireless networks, you click Connect, the usual sequence appears… “Putting interface up”, “Validating Authentication”, “”Obtaining IP Address”, “Done connecting…” but then wicd says “Not connected”.  Your wicd.log file ends in something like this:

DHCP connection successful

not verifying

Connecting thread exiting.

Sending connection attempt result success

The solutions are either:

  • Kill your dhcpcd process, either simply with “killall dhcpcd” or “/etc/init.d/dhcpcd stop“.
  • Less reliably, just keep trying the connect button, sooner or later dhcpcd gets the idea, and will grab an IP address for you.

Hacking: Post exploitation

Hello folks,

Came across a nice tool for uploading to a compromised system:

http://blog.gentilkiwi.com/mimikatz/inject

There is a nice method of getting the local password, without cracking any hashes or passing on hashes.

All to do with the SSO implementation in windows. Really nice and works in seconds.

Also cool to inject DLLs into all processes and get it to communicate with the process.

So no reason not to put it into once arsenal…

Cheers,

Matti