Hack Challenge Redo (part3)

We had a small break with our hacking challenges Redo. The format of the Meetup required a change, to accommodate for less experienced visitors. And as much as I love the SANS Institute Challenges, they tend to be quite a puzzle, especially later one. So for now, we are going to focus on couple other Hacking Challenges that are available online. And hopefully in December, when new 2022 SANS Hack Challenge starts, we will have a group ready to battle it together πŸ™‚

Let’s start from Over the Wire. There are plenty games there, we will start with the Bandit, as most suitable to get used to the platform. Bandit offers 33 levels to play, it teaches Linux commands and tools. In each level your goal is identical, find a password to the next level, but let’s start from the beginning.

Over the Wire artwork

To play Bandit you will need to establish SSH connection to the Over the Wire lab server, all details of connection are given in Level 0.

So, what is SSH?

Secure Shell, sometimes referred to as Secure Socket Shell, is a protocol which allows you to connect securely to a remote computer or a server by using a text-based interface. When a secure SSH connection is established, a shell session will be started, and you will be able to manipulate the server by typing commands within the client on your local computer. System and network administrators use this protocol the most, as well as anyone who needs to manage a computer remotely in a highly secure manner.

How to use SSH on Windows?

Most common ways of using SSH on Windows is by using one of the clients. Most popular clients are: PuTTY, BitwiseSSH and OpenSSH. Windows 10 users have now the option to use build-in OpenSSH client. Just follow the installation details of your choose client.

How to use SSH on Mac?

Mac’s have build-in Terminal feature, that provides SSH client.

How do we do it on Linux?

That shouldn’t be a problem for any regular Linux users, but in case you are just starting with Linux. Go to your terminal and type:

ssh

This should list all ssh details and commands. If that’s not the case, just use the following command to install OpenSSH:

sudo apt-get install openssh-client

Full list of common SSH flags can be found here.

This should get everyone started and ready for this week challenge πŸ™‚

One more thing, you may need to use Vim and couple Linux commands.

See you @ 5-7pm today @ our dedicated Discord channel.

Holiday Hack Challenge Redo (part 2)

Hello Everyone, we are about to join in ranks to battle the SANS Holiday Hack Challenge tasks again, today on dedicated Discord server. Please use the Meetup page for more details, ongoing announcements.

This post will summaries last Meetup progress and provides clues for further steps.

Let’s start we the recap. We started with:

Followed shortly by:

On the 23rd of January Meetup we have completed following tasks:

  • Objective 1 – Uncover Santa’s Gift List – clues in blog post video above
  • Objective 2a – Kringle Kiosk – clues in blog post video above
  • Objective 2b – S3 bucket – clues give at a Discord were: update the wordlist and add the searched bucket name, use ‘cat’ command to inspect the bucket. Copy and inspect in CyberChef the file. Start unpacking and remember to pipe the output whenever needed.
  • Objective 3a – Linux Primer – no clues were needed πŸ™‚
  • Objective 3b – Point-of-Sale Password Recovery – clues give at a Discord were: download the package, no need to install the shop. Unpack the exe file, and poke around until you find app.asar and use 7zip to open Asar file.

Later today, 5-7pm GMT we will be focusing on following tasks:

  • all unfinished past tasks
  • Objective 4a – Unescape Tmux – no help needed
  • Objective 4b – Santavator operations – no help needed
  • Objective 5a – Speaker UNPrep – first clue: ‘strings door’ with some filters, more clues @Discord
  • Objective 5b – 5b: 33 Gkbps – no help needed
  • Objective 5c – Open the HID lock in the Workshop – no help needed
  • Objective 6a – Regex Toy Sorting – we will battle it together @Discord
  • Objective 6b – Splunk Challenge – clue: look for Bro.

See you later at Discord.

12 years of TOG – Holiday Hack Challenge Redo (part 1)

So, as promised we are going to start SANS Holiday Hack Challenge Redo run by Counter Hack Team. We will start with the latest 2020 challenge . You will need a valid email to create user account, which is instant. You can start straight away on your own or watch a couple helpful videos.

The first video that I would like talk about, it’s Ed Skoudis 2020 Hack Challenge Intro. Video is a great overview of this year challenge.

Second video is aimed at Hack Challenge first timers, it’s walk through the login page and the starting interface.

And don’t forget to join discussion later today at a dedicated Discord Channel https://discord.gg/MqCQkSzG. We start at 5pm today πŸ™‚

This month we are going to focus on 2 objectives.

To help with starting the first objective you can watch this video:

Or read this article with helpful techniques. The online photo editor can be found here.

Watch the video below for the start of the second objective overview:

See you at Discord after 5pm GMT today, we will try to finish Objectives 1 &2 together.

What’s happening in Tog in January

File:07-06-77-Silver-Jubilee-Street-Party-scan04.png|thumb|07-06-77-Silver-Jubilee-Street-Party-scan04

!!!BIRTHDAY PARTY!!!: Tog will be ten years old this month, to celebrate we’re turning our customary Open Social night into a Party night. Saturday 26th January from 7 pm onwards, everyone welcome!

Street Party celebrating the Silver Jubilee of Elizabeth II at a street in Birkenhead, Merseyside, England on the 7th June 1977. Photo originally taken on a Polaroid instant camera. Digitally scanned on 11th July 2010.
Yup, we’re going to have this much fun.

Lock Picking: Happens on Mondays, 7th and 21st January from 7 to 9 pm, or until we’re tired and need to leave. Learn how to open a variety of padlocks harvested from the Halfpenny Bridge – handcuffs too, you never know when that may come in useful. Tools and expertise on hand, and basic lock picking sets are available for purchase, 16 euro each.

Coding: Runs on the same Mondays as lock picking, the 7th and 21st January at 7pm. Come down and work on a project or help others with theirs. Don’t forget to bring a laptop.

Craft Night: Every other Wednesday, the 9th and 23rd January at 7pm. Bring along an unwanted Christmas present and hack it into something cool. Or knit, sew, crochet, embroider, glue, fold, cut and solder away. We have sewing machines, a laser cutter and a 3D printer for the ambitious.

Electronics and Micro Controller Night: Runs every non-lock-picking Monday, the 14th and 28th January at 7pm. For all levels: Arduinos, Raspberry Pis and Intel Galileos, try our introduction to electronics worksheet. Some basic electronics kits available for sale. Bring your own laptop or notebook computer.

Wikipedia Editing: learn how to contribute to the world’s most useful and most searched online encyclopaedia. This month we are celebrating the 15th anniversary of VicipΓ©id, the Irish language Wikipedia, there will be cake and “other party elements”. Intrigued? Come along, Wednesday 30th January, 7pm onwards.

The Science Fiction Book Club elbows its way back into your frontal cortex this month, we’re reading Neal Stephenson’s Snow Crash. We will be praising / trashing it on Wednesday 30th January from 7pm.

What’s on in Tog in December

Lock Picking: Break the bonds of true love, learn to open one or many of the padlocks we harvest from the Halfpenny Bridge. Lock picking nights are on every second Monday, we are meeting on the 10th December at 7pm, taking a rest over Christmas, and will be back in 2019. Basic lock picking sets are available for purchase at the bargain price of 16 euro.

Craft Night: Every other Wednesday, the 12th December at 7pm. Show that irritating / inspirational woman on telly how to really craft Christmas. Or knit, sew, crochet, cut-fold-glue-solder to your heart’s content. We have sewing machines. We also have laser cutting and CNC routing expertise. We may soon have a 3D printer.

Electronics and Micro Controller Night: Runs every non-lock-picking Monday, the 3rd and 17th December at 7pm. For all levels: Arduinos, Raspberry Pis and Intel Galileos, try our introduction to electronics worksheet. Some basic electronics kits available for sale. Bring your own laptop or notebook computer.

Open Social: This month the Open Social will be on Saturday 15th December. Join us for an evening of conversation and pizza. Conor has promised games.

Coding: Runs on the same Mondays as lock picking, the 10th December at 7pm. Come down and work on a project or help others with theirs. Laptop of your own pretty much essential, and bring your own side project.

The Science Fiction Book Club won’t meet in December; on the last Wednesday we will be too scattered over the surface of the planet to rendezvous at Tog, especially since we STILL don’t have access to flying cars, faster-than-light travel or teleportation. We might be reading about one or other or all three, though. We will be taking two months to read Snow Crash by Neal Stephenson. See you back here Wednesday 30th January 2019.

Wikipedia Editing: No meeting in December.

Finish-a-Thon: we are running an all-day hackathon on Saturday 15th December. Instead of starting yet another world-changing project, finish one of those you’ve had lying around waiting for, well, an event like this. The world will thank you. Breakfast will be provided.

48 Hr Filmmaking Challenge: Writers, directors, actors, DOPs, all filmmaking enthausists are welcome to join us and get yourself on a team for the 48hr filmmaking challenge taking place on the 7-9th December. This is a great opportunity if you want to try out filmmaking and don’t know where to start. All skill levels welcome. We will meet and form teams on Thursday 6th and Teams will get together over the weekend and shoot. THERE WILL BE A SUGGESTED DONATION TO TOG OF €5 PER PERSON TO COVER THE COST OF SCREENING (OR WHATEVER YOU CAN AFFORD). Event page on Facebook, https://www.facebook.com/events/351903748909360/

That’s a wrap: fun, flicks and fleadh

Filmmaking is an art and craft with a rich history of can do creative making technology usage prop and set design and musical composition.

Tog hosted  its first film hackathon in November – the Kino Kabaret.

 

We had 35 participants, many of who brought in their friends and family to serve as extras and helpers.

 

There were actors, camera people,script writers, directors, music composers and many more.

 

 

People came from as far afield as Turkey Germany and Slovakia for the weekend session.

 

Pitching started on Friday morning, with 6 films initially put forward to the group.

Soon other ideas emerged organically, and by the time of screening there were 16 films put on screen.

In the meantime there was a Q&A by renowned Irish filmmaker Terry McMahon  following the screening of his award winning sound patrick’s day

 

Sunday was a busy day of editing and finishing film projects.

 

Screening was on Sunday evening, with a short intro by one of the filmmakers involved before each was shown.

Many laughs, cheers, sobs and contemplations were had by the large group watching.

 

Many people would never been part of a film before helped to make several, and experienced people learned new tricks and made new friends.

 

Overall a good time was had by all and its hoped that we’ll host more such events by themselves and intermixed with the other hackathons we run

 

For Your Consideration