nullcon: the hackerz’ next destination!!

nullcon

nullcon

Long long time ago the land of mortals was plagued with numerals. Men were grappling to get hold of the unknown, the void, the zilch. How does one quantify, measure something that doesn’t exist. The legend goes like this – A few good blokes meditating under a banyan tree further under the influence of some nourishing herbs, in a profound moment of awesomeness, it dawned on them to seek the eternal wisdom of ..nothing. And so was born what we call 0|零|null|n|u . The rest, as they say, is history. nullcon celebrates this quest for knowledge and desire to carry on this legacy.

If you too share this passion for knowledge, if a core dump brings glimmer to your eyes, if you want to share your hack with others and you have an inquisitiveness to learn, then nullcon is the place for you. If meeting hackers/researchers/phreaks in a 2 days event packed conference and the sun-bathed beaches of the tropical paradise called Goa won’t get you off your bed, nothing ever will.
So crack you knuckles, fire your Live CDs, dust your Debuggers and get ready for some serious action this February.

STATUTORY WARNING: nullcon can cause severe exposure to high octane gyan and could leave participants exhausted with wild shack parties. Beware, Be There.

Advertisements

Projects

Hmmm … so heres the new initiative (apart from the numerous others which I have taken up and not completed) which I take up now. I am planning to blog about all the projects I am working on, Virtualization (Research Project to eliminate Virtualization. Its 2 months and I haven’t worked on this much!!!!), Astalavista (on a test bed), my other lab test projects and etc, etc, etc. I would start with the Virtualization one. Wait for it! Atleast, if I am persistent on blogging, it would push my work a bit … Why this initiative? I checked this tool PSTOOLs from Microsoft for my project of Astalavista and working on it was fun! So, just thought to share it with everyone.

So lets roll ………………………………

ClubHack 2009: Day 1

Recently, I attended this Hacking and Security conference ClubHack. It was an awesome 3 day experience listening to seminars, workshops and round table conferences by various eminent speakers and hackers from all over the world. The speakers flocked in from various domains: Telecom, US DoD (Department of Defence), Royal Bank of Scotland, McAfee and even from Pune Police, NASSCOM, CID and other eminent law enforcement agencies! I reached the venue at 8:30 AM, leaving from my institute at 715 AM. The venue was 30 kilometres from my institute!!

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiasts.
Where: The Corinthians Club, Pune (The venue was awesome!)
When: Saturday 5th and Sunday 6th December, 2009

ClubHack 2009: Day 1
5th December, 2009 was Day 1 for ClubHack. The registrations started at around 10 AM (an hour late due to setting up of the venue). There were 3 halls, 2 for the simultaneous talks and the 3rd one for networking, meals and snacks. The day started with the introduction of ClubHack, by Rohit Srivastwa, the founder of ClubHack. This was followed by a small talk by the Chief Guest of the day, Mr. Alok Vijayant, Director Information Group, MHA, Govt. of India. After the keynote speech, the Indian version of BackTrack, Matriux, was launched. A copy of the same distribution was also distributed to all the audience.

Chief Guest at ClubHack 2009

Chief Guest at ClubHack 2009

Matriux Launch

Matriux Launch

After a small round of snacks and networking, the attendees split up in two halls, according to their interest in the talk. The schedule for the same was:

from to Room1 Room 2
1000 1100 Registration
1100 1200 Keynote & Matriux Launch by Mr. Alok Vijayant. Director Information Dominance Group, MHA, Govt of India
1200 1300 Rohas Nagpal – Indian IT Act 2000 vs 2009 Manindra Kishore – Incident Handling and Log Analysis for Web Based Incidents
1300 1400 Anant Kochar – Revealing the Secrets: Source Code Disclosure, Techniques and Impacts Abhijit Tannu – Facilitate Collaboration with Information Rights Management
1400 1530 Lunch
1530 1630 Nikhil Wagholikar in abstentia of K K Mookhey – Risk Based Penetration Testing Suhas Desai – Open source for securing data with advanced Crypto-Steganography technology
1630 1730 Vinoo Thomas & Rahul Mohandas India Cyber Crime Scene – Caught in the Crossfire Lavakumar Kuppan – Lust 2.0 – Desire for free WiFi and the threat of the Imposter
1730 1830 Kush Wadhwa – Advance Computer Forensic concepts (windows) Gursev Singh Kalra – Mobile Application Security Testing

Another superb thing was the “Internet Bakra”. Running sslstrip and dsniff on the free internet which was provided for the day, all the passwords were sniffed and later at the end of the talks, were shown to people (just the 1st two characters of the password) to explain them that entering personal information in free connections can be harmful. While this did

After all the talks, ClubHack threw a party (on invitation) for the speakers, the volunteers and a few attendees. The party was in Dolally, the only microbrewery in Pune. Dolally is an awesome place (for people who drink beer). It has a wide variety of beers which they brew in house. They also showed us how beer was brewed from around 10 different wheat types. It takes around 20 days to brew beer!! It also has a DJ which plays on-demand music for free!! It was fun discussing informal things with the people whom you saw in formals the whole day! At one particular incident, I couldn’t recognize Mr. Nikhil Wagholikar (from NII Consulting) in the party. He was totally in formals in the day time, and in the evening, total informals!! Dinner was in the same hotel, having a buffet with all the speakers, the volunteers and other guests.

At Doolally

ClubHack Day 1 Party at Doolally

The day ended at around 11 PM (for me, since had to reach my institute before the gates closed for us!!).

The Volunteering Team

  • Pankit Thakkar
  • Abhijeet Patil
  • Murtuja Bharmal
  • Aseem Jakhar (founder http://www.null.co.in)
  • Tushar Dalvi
  • Pradnya
  • Antariksh Shah
  • Prashant Mahajan
  • Anish
  • Ajit Hatti
  • and a few more … Kudos to them for a successful Day 1 (and simultaneously, Day 2 and 3!!)

Finally, saying goodbye to everyone, we left for our college at around 11:30 PM (the gate closing ceremony of Symbiosis Infotech Campus, Hinjewadi takes place at 11:30 PM!! we were late!!). Thanks a lot to Mr. Dinesh O’Bareja for giving us a lift till Wakad. We finally reached the campus at around 12:30 AM, went to sleep, just to wake up in another 4 hours for the fully informative, knowledge filled next day of ClubHack: the workshops.

BarCamp Pune 6 … (2/2)

Date: Saturday, November 14, 2009 from 10:00 AM – 6:00 PM

Dear BarCamp’ers

Greetings!

Finally, the most awaited day of the year has arrived. BarCamp Pune 6,

As we all know, a Barcamp is a “democratic” conference. It is not a normal / traditional conference which is usually put together by a committee of professors, or industry veterans, and the speakers selected by the committee and invited to speak. Often, talks tend to be boring “lectures” or “speeches” that you fall asleep in. In these traditional conferences, the tea-breaks and the corridor-conversations are the most interesting and important part of a conference. Think of a barcamp as an entire conference that consists only of tea-breaks and corridor-conversations. Anybody can attend a barcamp. Anybody can speak on any topic that they are passionate about. A whiteboard is put up in the morning with the available rooms and timeslots. People can write down their name and the title of their talk in any available slot. Based on this, the others can decide which talks they want to attend. Democracy.

Startup Saturday:
A Startup Saturday (SS) session is aimed at deepening the skills of startup community in Pune to make more successful startups coming out of the city through creation of a vibrant innovation ecosystem. A SS session is about rich-discussions on topics of interest to startups in the city. A typical session would have only about 25% of time devoted to talk/presentation and rest of the time time dedicated to freewheeling discussion as that is where, in our experience, the audience makes the best use of the available expert.

SS Schedule:

  • 3:00 – 3:40 pm – Sunil Nikhar, Promoter, Pyxis IT on “Information Technology in Financial Sector”
  • 3:40 – 3:55 pm – Ravindrakumar Kshirsagar, Startup Showcase on “Bio-Excellence”
  • 3:55 – 4:05 pm – Break
  • 4:05 – 4:45 pm – Kaushik Gala, Venture Center, NCL on “Academic research to a startup”
  • 4:45 – 5:00 pm – Startup Showcase”

For more details: http://startupsaturday.headstart.in/event.php?eid=6

Venue Address:
Symbiosis Centre for Information Technology,
Symbiosis Infotech Campus,
P 15 MIDC, Phase 1
Rajiv Gandhi Infotech Park,
Hinjewadi 411 057
Pune

For a map of the same, hit the link www.scit.edu/contact.htm from your favorite browser!

To/From the venue (Bus Service):
– To reach the venue, a Bus has been arranged at 9 AM from Symbiosis Institute of Computer Studies and Research (SICSR), Model Colony. This is near to E-Square and Pune Central.
– A bus is arranged at 6 PM from SCIT to reach SICSR (back to Pavillion!)

At the Venue:
– BCP6 would be held in the Assembly Hall of SCIT. This is on the 1st floor (ironically, the ground floor has been named 1st floor) of the Academic Block of SCIT.
– Whiteboard would be put up to write down the topic on which a discussion would be started, with the room number.
– Wi-Fi would be provided at the venue. The SSID (Wi-Fi name) as well as the security key would be provided on the venue.

Lunch:
Lunch would have to be bought by individuals. Its something like TTMM (Tera Tu, Mera Main!). There are a lot of places where lunch could be arranged from.
Possible Venues for Lunch:
– Sweety Stores (on the venue, for some snacks)
– Sai Chaat Centre (on the venue. For some Chaat)
– Symbiosis Mess (Timing: 12:45 PM to 2:30 PM)
– Tamanna Hotel (500m from SCIT)
– Talk About (a branch of Tamanna, 500m from SCIT)
– Lemon Tree (a 3 Star Hotel. 500m from SCIT)
– McDonalds (about 2 KM from SCIT)
– Domino’s Pizzas (about 2 KM from SCIT)
– Mezza9 (awesome for a dinner date. About 2 KM from SCIT)
– Ghar ka khaana (awesome food. About 2 KM from SCIT)

Hope to see you tomorrow.

Good Day!

For more information click here: BarCamp Pune 6

BarCamp: What is it and Why to attend?

What: BarCampPune 6
When: 14 November, 2009
Where: Symbiosis Centre for Information Technology, Hinjewadi, Pune
MAP

Registration: http://barcamp-pune.eventbrite.com/

Pune will have a “BarCamp” free conference this Saturday, 14th November, in SCIT Hinjewadi (bus pickup/dropoff provided from Model Colony). We believe that all technology professionals, and all computer science students should take this opportunity to get exposure to some of the most interesting people and technologies in Industry. To register (free) for barcamp, and for details of venue, timing etc, click here.

BarCampPune6 Logo

BarCampPune6 Logo (Created by Kriti Deb)

A Barcamp is a “democratic” conference. It is not a normal / traditional conference. A normal / traditional conference is usually put together by a committee of professors, or industry veterans, and the speakers selected by the committee and invited to speak. Who can attend is also constrained by money (conferences fees are high), or by other means (only members may attend). And often, talks tend to be boring “lectures” or “speeches” that you fall asleep in.

Anybody who’s been to a traditional conference will tell you that the tea-breaks and the corridor-conversations are the most interesting and important part of a conference. Think of a barcamp as an entire conference that consists only of tea-breaks and corridor-conversations. Well, it’s a little more structured than that… Anybody can attend a barcamp. Anybody can speak on any topic that they are passionate about. A whiteboard is put up in the morning with the available rooms and timeslots. People can write down their name and the title of their talk in any available slot. Based on this, the others can decide which talks they want to attend. Democracy.

You’ll wonder, if anybody can speak, how to ensure quality of speakers and presentations? By the “law of two feet”. The audience in a Barcamp is encouraged to use their two feet and walk away from a talk if it turns out to be boring. People are encouraged to find and create subgroups interested in specific topics, find a room or a corridor, and start discussing – and they often do.

This ensures that everybody finds something interesting, and often something unexpected at a Barcamp. Maybe you might find the 15-year-old kid who knows more about Search-Engine-Optimization than all the “industry veterans” you’ve met. Maybe you’ll go there to learn new technology and instead find some really interesting NGO or other social work organization and join that. Maybe you’ll just land up there, not knowing what to expect, and end up finding not just your first job, but a great career. Maybe you have an idea for a company, but don’t know how to implement it, and you’ll find someone at Barcamp who’s willing to handle the technology for you.

I’m not just making all of that up. Each one of the sentences in the previous paragraph that started with “Maybe” is actually a real-life story that I’ve seen happen during some of the Barcamps in the last couple of years in Pune. And there are a lot more such stories.

Over the next few days, we’ll be writing short articles on why you should attend Barcamp. If you’re a student looking for projects, internships, or recos. Or you are an entrepreneur with an idea, but don’t know enough about technology to implement it. Or you’re an employee of a big company and are looking to hire some really smart people … or you’re looking to be hired by some really smart people. Or you’re a startup looking for collaboration, business development, or simply mentors/advisors.

Thanks to PuneTech for this post:
Orginal Link: http://punetech.com/what-is-a-barcamp-and-why-you-should-attend/

BarCamp

BarCamp

ClubHack 2009!

ClubHack 2009

ClubHack 2009

ClubHack is back! India’s own International Hacker’s Convention is back with its 3rd version with the aim to enable the dissemination, discussion and sharing of deep knowledge in the field of information security and cyber crime investigation.

What: ClubHack 2009, a meeting place for hackers, security professionals, law enforcement agencies, students and all other security enthusiats.
When: Saturday 5th and Sunday 6th December, 2009
Where: ICC or Estique
Registration: Opens in October, 2009. http://clubhack.com/2009/Registration

Rohit Srivastwa

Rohit Srivastwa

Founder: Rohit Srivastwa
Rohit Srivastwa is a well known security evangelist. He has an expertise in cyber crime investigation and IT infrastructure management. Rohit is actively involved advising several military agencies, law enforcement personnel, media, corporate and Government bodies in these fields. Along with assisting these organizations solving there cases, Rohit is also involved in teaching the related subjects to them. Rohit has trained the police departments of Pune, Mauritius and Malaysia. Rohit Srivastwa is also the founder of ClubHack, a member driven community to spread the security awareness. As his last assignment Rohit was Director Technology at Commonwealth Games Pune (2008) where he delivered the complete technology of games and managed everything which comes under the umbrella of technology.
Currently he is Director Technology and Network Operations for Commonwealth Games to be held in Delhi in year 2010.

ClubHack, India’s Own Hacker’s Convention enters its 3rd version on the 5th and 6th of December, 2009. Previously, it was held successfully in December 2007 and 2008.

ClubHack 2009: Call for Papers
SUBMISSION: ClubHack2009 is expecting a good deep knowledge technical presentations/demonstrations on topics from the world of Information Security. These presentations are expected to be of 40 minutes each. The schedule time for each presenter would be 50 minutes out of which 40 minutes are for the presentation & 10 for the question-answer sessions. We’d request you to submit the papers keeping the time constraint in mind.

TOPICS: The following list is made keeping in mind the most interesting topics in hacking & security. This is more of an indicative list, the papers submission can be on other topics also but have to be close to this & the theme of the event.

  • Protocol / Application based vulnerability in networks and computers
  • Firewall Evasion techniques
  • Intrusion detection/prevention
  • SPAM fighting
  • Data Recovery and Incident Response
  • Mobile Security (cellular technologies)
  • Virus and Worms
  • WLAN and Bluetooth Security
  • Analysis of malicious code
  • Cryptography and Cryptanalysis
  • Computer forensics
  • File system security
  • Secure coding & code analysis
  • Hardware modification
  • Patch writing for vulnerabilities
  • Open source hacking toolkit
  • Cyber Crime & law

Dates:
Opening: 15th August 2009
Closing: 15th October 2009

For more information, check out http://www.clubhack.com/2009

Me in ClubHack Workshop

Me in ClubHack Workshop

ClubHack session in progress

ClubHack session in progress

Cop-Tech Forum

Recently, a few months ago, on the 30th of June, 2009, Cop-Tech Forum was launched. It is a joint initiative of Pune Police, NASSCOM (The National Association of Software and Services Companies) and the DSCI (Digital Security Council of India).

Purpose:
The main objective behind this forum was to increase sharing of ideas and knowledge on cyber security between the Police and the IT Industry. As Commissioner of Police, Dr. Satya Pal Singh, phrased it: “Cop-Tech is solemnization of the marriage between the Police and the IT Industry“. It is an initiative which calls for contribution of the IT professionals to help develop the Police force to serve the people better.

Pratap Reddy, an IPS officer who was an advisor (cyber security) to NASSCOM, listed down the things which Cop-Tech has to take care of:

  • Develop the Control Room of Pune Police to make it state-of-art which can cater to all those who dial 100 in a proper, structured way. This would also involve Fleet Management to keep track of police vehicles on the field
  • Cyber crime, computer security awareness among the students, non-IT professionals and the citizens in general
  • Usage of CCTVs from different locations. This would also involve Video and Image Analysis. For this, IT professionals who work in this area were called for help.
  • Training the Police staff in Cyber Security, Cyber Crime Investigation, Forensic Investigation, Computer Security in general, trainings on using of different tools (like GPS). This is to ensure that the state-of-art devices which would be used in the Control Rooms would be used efficiently and effectively by the policemen
  • Forensic Investigation. There are many cases which are shutdown since Police do not have proper evidence or direction to work on. Here, the IT professionals can help (voluntarily) in Forensic Investigation

After this, the discussion was thrown out to the audience who are ready to contribute to this CopTech Forum. It was good to see a number of professionals from Infosys, Delloit, IBM, Null Security Community, Press, etc, who were ready to help in their own way. An Infosys guy was ready to design, develop, code and implement a database system for Cyber Crime cell and Control Room. As is going on for many months now, Null Security Community is already into spreading security awareness among the citizens of Pune, which has now extended to Banglore. They were also interested in helping for Cyber Crime Investigations and Forensics.

Pic:
Pratap Reddy (2nd from Right)
Dr. Satya Pal Singh (Lighting the lamp)

There was a good suggestion from one of the attendees. What he suggested was to look at the whole Cyber Crime as a business. A business which would involve 3 steps, including the actual crime and the monetization of that crime (like selling the data/information, selling the method to perform the crime in form of exploits, etc). If in some way, one of the 3 steps could be interfered and cause hamper, the whole cyber crime process would fall. But, since this Cop-Tech forum has a narrow scope (as of now) to those listed above, this suggestion was left for future scope. There were many other inputs from the audience volunteering for Image and Video Analysis, Forensics, etc.

In short, it was good to see a bunch of around 60-70 individuals as well as a few groups like Null to have participated in this and who are ready to contribute. But, looking at the facts of Pune being the “IT hub of India” or the Silicon Valley of the East, 60 – 70 was a very small number. Till date, people have always questioned the government for not doing a good job, but when it comes to helping/contribution/volunteering, only a bunch of people are there at the disposal of the government, even when the government has taken the first step. This is a humble request to all IT Professionals to help the Police and the Cyber Cell to make it better so that they are able to serve us in a better way.

To get in touch with CopTech and Cyber Cell Pune, you can pay a visit to Cyber Cell branch at Sadhu Vasvani Road, Camp, Pune-1.

Dr. Satya Pal Singh’s Blog: http://drsatyapalsingh.blogspot.com/