Projects

Hmmm … so here’s the new initiative (apart from the numerous others which I have taken up and not completed) which I take up now. I am planning to blog about all the projects I am working on: Virtualization (a research project to eliminate Virtualization. It’s been 2 months and I haven’t worked on this much!!!!), Astalavista (on a test bed), my other lab test projects, etc. I will start with the Virtualization one. Wait for it! At least, if I am persistent on blogging, it would push my work a bit … Why this initiative? I checked out the PsTools suite from Microsoft for my Astalavista project, and working on it was fun! So, I just thought to share it with everyone.

So let’s roll ………………………………

ClubHack 2009: Day 1

Recently, I attended this Hacking and Security conference ClubHack. It was an awesome 3 day experience listening to seminars, workshops and round table conferences by various eminent speakers and hackers from all over the world. The speakers flocked in from various domains: Telecom, US DoD (Department of Defence), Royal Bank of Scotland, McAfee and even from Pune Police, NASSCOM, CID and other eminent law enforcement agencies! I reached the venue at 8:30 AM, leaving from my institute at 7:15 AM. The venue was 30 kilometres from my institute!!

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiasts.
Where: The Corinthians Club, Pune (The venue was awesome!)
When: Saturday 5th and Sunday 6th December, 2009

5th December, 2009 was Day 1 for ClubHack. The registrations started at around 10 AM (an hour late due to setting up of the venue). There were 3 halls, 2 for the simultaneous talks and the 3rd one for networking, meals and snacks. The day started with the introduction of ClubHack, by Rohit Srivastwa, the founder of ClubHack. This was followed by a small talk by the Chief Guest of the day, Mr. Alok Vijayant, Director Information Group, MHA, Govt. of India. After the keynote speech, the Indian version of BackTrack, Matriux, was launched. A copy of the same distribution was also distributed to all the audience.

Chief Guest at ClubHack 2009

Matriux Launch

After a small round of snacks and networking, the attendees split up in two halls, according to their interest in the talk. The schedule for the same was:

| From | To | Room 1 | Room 2 |
|------|------|--------|--------|
| 1000 | 1100 | Registration | |
| 1100 | 1200 | Keynote & Matriux Launch by Mr. Alok Vijayant, Director Information Dominance Group, MHA, Govt of India | |
| 1200 | 1300 | Rohas Nagpal – Indian IT Act 2000 vs 2009 | Manindra Kishore – Incident Handling and Log Analysis for Web Based Incidents |
| 1300 | 1400 | Anant Kochar – Revealing the Secrets: Source Code Disclosure, Techniques and Impacts | Abhijit Tannu – Facilitate Collaboration with Information Rights Management |
| 1400 | 1530 | Lunch | |
| 1530 | 1630 | Nikhil Wagholikar in absentia of K K Mookhey – Risk Based Penetration Testing | Suhas Desai – Open source for securing data with advanced Crypto-Steganography technology |
| 1630 | 1730 | Vinoo Thomas & Rahul Mohandas – India Cyber Crime Scene – Caught in the Crossfire | Lavakumar Kuppan – Lust 2.0 – Desire for free WiFi and the threat of the Imposter |
| 1730 | 1830 | Kush Wadhwa – Advance Computer Forensic concepts (windows) | Gursev Singh Kalra – Mobile Application Security Testing |

Another superb thing was the “Internet Bakra”. Running sslstrip and dsniff on the free internet which was provided for the day, all the passwords were sniffed and later, at the end of the talks, were shown to people (just the first two characters of the password) to explain to them that entering personal information in free connections can be harmful. While this did

After all the talks, ClubHack threw a party (on invitation) for the speakers, the volunteers and a few attendees. The party was in Doolally, the only microbrewery in Pune. Doolally is an awesome place (for people who drink beer). It has a wide variety of beers which they brew in house. They also showed us how beer was brewed from around 10 different wheat types. It takes around 20 days to brew beer!! It also has a DJ who plays on-demand music for free!! It was fun discussing informal things with the people whom you saw in formals the whole day! At one point, I couldn’t recognize Mr. Nikhil Wagholikar (from NII Consulting) in the party. He was totally in formals in the day time, and in the evening, total informals!! Dinner was in the same hotel, having a buffet with all the speakers, the volunteers and other guests.

At Doolally

ClubHack Day 1 Party at Doolally

The day ended at around 11 PM (for me, since I had to reach my institute before the gates closed for us!!).

The Volunteering Team

  • Pankit Thakkar
  • Abhijeet Patil
  • Murtuja Bharmal
  • Aseem Jakhar (founder www.null.co.in)
  • Tushar Dalvi
  • Pradnya
  • Antariksh Shah
  • Prashant Mahajan
  • Anish
  • Ajit Hatti
  • and a few more … Kudos to them for a successful Day 1 (and simultaneously, Day 2 and 3!!)

Finally, saying goodbye to everyone, we left for our college at around 11:30 PM (the gate closing ceremony of Symbiosis Infotech Campus, Hinjewadi takes place at 11:30 PM!! we were late!!). Thanks a lot to Mr. Dinesh O’Bareja for giving us a lift till Wakad. We finally reached the campus at around 12:30 AM, went to sleep, just to wake up in another 4 hours for the fully informative, knowledge filled next day of ClubHack: the workshops.

ClubHack 2009!

ClubHack is back! India’s own International Hacker’s Convention is back with its 3rd version with the aim to enable the dissemination, discussion and sharing of deep knowledge in the field of information security and cyber crime investigation.

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiasts.
When: Saturday 5th and Sunday 6th December, 2009
Where: ICC or Estique
Registration: Opens in October, 2009. http://clubhack.com/2009/Registration

Rohit Srivastwa

Founder: Rohit Srivastwa
Rohit Srivastwa is a well known security evangelist. He has expertise in cyber crime investigation and IT infrastructure management. Rohit is actively involved in advising several military agencies, law enforcement personnel, media, corporate and Government bodies in these fields. Along with assisting these organizations in solving their cases, Rohit is also involved in teaching the related subjects to them. Rohit has trained the police departments of Pune, Mauritius and Malaysia. Rohit Srivastwa is also the founder of ClubHack, a member driven community to spread security awareness. In his last assignment Rohit was Director Technology at Commonwealth Games Pune (2008), where he delivered the complete technology of the games and managed everything which comes under the umbrella of technology.
Currently he is Director Technology and Network Operations for the Commonwealth Games to be held in Delhi in the year 2010.

ClubHack, India’s Own Hacker’s Convention enters its 3rd version on the 5th and 6th of December, 2009. Previously, it was held successfully in December 2007 and 2008.

ClubHack 2009: Call for Papers
SUBMISSION: ClubHack2009 is expecting good, deep knowledge technical presentations/demonstrations on topics from the world of Information Security. These presentations are expected to be of 40 minutes each. The scheduled time for each presenter would be 50 minutes, out of which 40 minutes are for the presentation & 10 for the question-answer session. We’d request you to submit the papers keeping the time constraint in mind.

TOPICS: The following list is made keeping in mind the most interesting topics in hacking & security. This is more of an indicative list; paper submissions can be on other topics also, but have to be close to this & the theme of the event.

  • Protocol / Application based vulnerability in networks and computers
  • Firewall Evasion techniques
  • Intrusion detection/prevention
  • SPAM fighting
  • Data Recovery and Incident Response
  • Mobile Security (cellular technologies)
  • Virus and Worms
  • WLAN and Bluetooth Security
  • Analysis of malicious code
  • Cryptography and Cryptanalysis
  • Computer forensics
  • File system security
  • Secure coding & code analysis
  • Hardware modification
  • Patch writing for vulnerabilities
  • Open source hacking toolkit
  • Cyber Crime & law

Dates:
Opening: 15th August 2009
Closing: 15th October 2009

For more information, check out http://www.clubhack.com/2009

Me in ClubHack Workshop

ClubHack session in progress

VAPT … Day 1

First day into my VAPT – Vulnerability Assessment and Penetration Testing, (Hacking, in short) was a blunder. I had not contacted my mentor that I was going to start from 15th of April. I forgot :D . Neither did I know his time of arrival to the office, so that I could reach just on time to talk to him and get the project details.

Anyways, reached xyz (the company for whom I work) at around 9:10 am. I contacted my mentor, Mr Danny Nagdev, just before reaching there. He asked me to come at 10, since he was in a meeting. Passed my time on Level 9, started my laptop, and began playing Burnout Paradise … believe me, it’s a superb game, with all the stunts and races and what not … cool cars, great graphics … ok, later, back to the topic.

I was re-directed to another office of xyz, after meeting Mr. Danny, where the security administrator used to work from. Finally, after having a chai with Mr. Namit Kasliwal, the Security Administrator of xyz, I got my project. I did have a choice of skipping office since that was the first day, but I started off with my job, due to 2 reasons: 1) no friends on the campus and 2) I am a workaholic.

The Project:
I was asked to Hack into the xyz servers. Yo. That would be fun! Let’s start off. The project was going to be a Black Box type, i.e. the company would provide me with no information, it’s me who has to find out everything! Imagine, EVERYTHING!!!! Fine, let’s go ahead.

Starting off with the Project:
The company people were good enough to provide me with an ethernet cable to connect to their internal network. Good, at least that would help me find some more information about them!

The only thing I knew about the company (other than its name, and the 2 people I met), was the website. After connecting to the local internet, I found the basic information:
- the subnet I was connected to (IP address and the subnet mask)
- the DNS used by the company
- the default gateway

After this, the logical step was to find out the final gateway of the company, i.e. the final server which connected xyz to the world, the Internet. So, for that, I did a traceroute to the Google and Orkut servers and from there. Traceroute gives you a list of all the hops on the way to the servers. Looking up (DNS lookup) each one of them, I came to know of the last internal IP address which would take all the requests of xyz to the Internet. Hence, found the NAT Server!

The next step which I took was on the Internet side. I queried the Whois database for information on the company’s website. Finding a few fields which were unknown to me, I went on to look for details of the fields which are included in the Whois query answer. I found this wonderful site http://www.apnic.net/db/ref/attributes/attributes-inetnum.html which listed all the fields and their descriptions. Having queried the Whois database, I found a lot many details about the company, like the name of the contact person for the website, the address of the registrant, phone numbers, email addresses, and the most important, the DNS records!! I don’t know why the whois database is open for all; well, good for people like me ;) .
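An added example, not from the original post: the hop-by-hop reading described above, automated as a check an administrator can run on traceroute output captured from their own LAN to see which internal router addresses any plugged-in host can enumerate. The sample output and its addresses are constructed; "internal" is assumed to mean RFC 1918 space.

```python
import ipaddress
import re

# Constructed traceroute output (not from the original post). Internal hops use
# RFC 1918 space; external hops use RFC 5737 documentation addresses.
SAMPLE = """\
traceroute to www.example.com (203.0.113.80), 30 hops max, 60 byte packets
 1  192.168.10.1 (192.168.10.1)  0.412 ms  0.398 ms  0.377 ms
 2  10.20.0.1 (10.20.0.1)  1.104 ms  1.087 ms  1.066 ms
 3  * * *
 4  10.20.255.254 (10.20.255.254)  1.902 ms  1.880 ms  1.861 ms
 5  198.51.100.1 (198.51.100.1)  4.310 ms  4.295 ms  4.270 ms
 6  203.0.113.80 (203.0.113.80)  9.871 ms  9.850 ms  9.832 ms
"""

# Checked explicitly: ipaddress.is_private also flags documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")


def parse_hops(text):
    """Return [(hop_number, address or None)]; None marks a '* * *' hop."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header or blank line
        found = IP_RE.search(m.group(2))
        addr = ipaddress.ip_address(found.group(0)) if found else None
        hops.append((int(m.group(1)), addr))
    return hops


def egress_boundary(hops):
    """Return (last internal hop, first external hop); either may be None."""
    last_internal = None
    for num, addr in hops:
        if addr is None:
            continue  # silent hop: cannot classify, keep scanning
        if any(addr in net for net in RFC1918):
            last_internal = (num, addr)
        else:
            return last_internal, (num, addr)
    return last_internal, None


if __name__ == "__main__":
    inner, outer = egress_boundary(parse_hops(SAMPLE))
    print("last internal hop:", inner, "| first external hop:", outer)
```

Hops that answer with `* * *` are skipped rather than treated as the boundary, so a router that drops the probes does not hide the egress point behind it.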

For the Whois query, I used www.samspade.org for the same. I haven’t tried finding how it queries the Whois database, but I did find out how to query the samspade whois database.
www.samspade.org/whois?query=;server=auto. This URL would take you to the Whois page of the IP/Domain.

Also, from the Whois query, I came to know that xyz hosted its website on a public domain, and it wasn’t on their servers … wow … pretty intelligent!

Having found the DNS records from the Whois page, the next step was to find the subdomains and the other domains, if registered.

Since it was the first day, I didn’t want to go into much detail, and so used the tools on the page http://member.dnsstuff.com/pages/tools.php to get more information on the web server. Using the Whois wouldn’t have made much of a difference, since all the whois queries would return the same answer!

Used all the tools available on that page to check what all information I get my hands on.

After all this, I sat surfing their website, looking for more information about the company; their products, services, addresses …. anything, everything.

There is a pretty good addon to Firefox, “Extract Links”. It would extract all the links from the specified page and print them on a new tab, separating all the links and the domains. Through this, I found various sub domains of the company xyz. Pretty neat. I didn’t have to use much of the DNS tools to get the sub domains ;)

There is one more addon, External IP Address. This shows the public IP Address which you are using to connect to the Internet. Through this, I got the IP Address range which the company xyz uses! Simple, huh ;)

Lastly, having certain restrictions on surfing the web, I found the page www.torproject.org. I installed a client for this and started surfing without any problems! Yo! :D

Cheers :)
