MSU Red Team – Fun, Success
The guys that I brought together here at Mississippi State to serve as a Red Team for University of Alaska Fairbanks’ CCDC had a great time Saturday. This CCDC was a “practice” run for two Alaskan teams and two Hawaiian teams, and I believe we gave them a good taste of what they’d likely face [...]
Interesting Reading, and Red Team Action
I’ve been busy this week teaching part of the intro series of courses we have at the National Forensics Training Center, but I still wanted to post a quick update. I figured I’d share a few interesting things I read this week, and talk a bit about some extracurricular activities going on in our lab [...]
GhostExodus, the ETA, and a Control Systems Incident at Carrell Clinic (part 3)
Previous parts (Pre-requisite information. There will be a pop quiz at the end.):
Part 1 – Definitely read the criminal complaint.
Part 2 – Watch some videos
In this post I will be displaying and discussing some screenshots that Jesse “GhostExodus” McGraw posted online. These screenshots were taken on the PC controlling Carrell Clinic’s HVAC system, uploaded to [...]
Santa Claus is Hacking to Town Challenge Results
Over at the excellent ethicalhacker.net site, the results of the Santa Claus is Hacking to Town Skillz Challenge have been posted:
Santa Claus is Hacking to Town – Answers and Winners
These challenges are a lot of fun, and educational as well. Ed Skoudis puts a lot of effort into writing and judging them. There’s a whole archive [...]
MS08-067
I really need to get back into the habit of writing on here, so maybe a few words on the new non-Patch-Tuesday vulnerability are in order. I just got my MacBook back from warranty service yesterday, and was reading about this on Twitter as I was getting everything set back up. I’ll give you a [...]
Immunity’s NOP Certification and Visual Sploit
If you’re lucky enough to be in Vegas these next few days for Defcon 16, you really should drop by Immunity’s booth to pick up another certification to put behind your name (apparently free). The appropriately acronym’d NOP (Network Offense Professional) certification is more than a little tongue-in-cheek; however, it’s basic enough to be a [...]
Man-in-the-middle Fake DNS for Metasploit
On Episode 116 of PaulDotCom Security Weekly, Paul mentioned how it would be nice if one could have a little bit finer control over the behavior of Metasploit’s fake DNS server. It seemed like an easy enough hack, so I’ve thrown this together. I can see this being useful in some situations, and hopefully you [...]
Upcoming paper on SCADA software vulnerabilities
I wasn’t going to talk about this on here for a while, since the public disclosure and paper won’t be out for another six months, probably, but my major professor is so excited about it that he just had to put out a press release:
MSU News: Computer science student uncovers software flaw
I’m going to clear [...]
I’m calling it: the new cool-guy word is “Weaponize”
…and I couldn’t be happier. I’m going to start writing “weaponized code” instead of “exploits”. This will totally make up for having to give up “reverse-engineering” for “deep analysis” for “legal reasons” ;).
However you feel about people publishing exploits for the DNS flaw already, there’s a selection of them out there now, and you might [...]
Talking about DNS on the Securabyte 1 Podcast
The folks who put on the excellent Securabit podcast have decided to put together a quick and dirty episode-between-episodes on the recent DNS vulnerability. They’ve decided to call these spontaneous episodes “Securabytes”, and this is the first one:
Securabyte Episode 1: DNS Haiku
Since Dan Kaminsky doesn’t leap around the apartment to find his headset in order [...]