null – The open security community n|u

null Bangalore meet on 22nd August 2009

// August 13th, 2009 // Meets

Agenda:

1.  Amit Praekh will be showing a live demonstration of hacking a corporate network

Venue : Praxeva India Services Pvt. Ltd, Atrium Business Center,
66/1 2nd Floor, Coles Road, Frazer Town, Bangalore-560005

Map Location : http://www.praxeva.com/contact_us.html

Date & Time: 22nd Aug 2009  10:00

_________________________________________________________

MoM:

Members: 10

We had the informative session on live hacking a corporate network by
Amit Parekh. Amit took us through the entire process of how to scan,
ennumerate, indentify services and attacking high value systems in a
structured manner. He explained the finer points of what is a
vulnerability assessment as opposed to a full blown penetration
testing of a network.

He hacked the internal network of Praxeva. Simran who is the CTO of
Praxeva had given his permission to do so. Simran also invited his
system admin colleagues to witness how a hacker would go about gaining
access all the way to the active directory of the network and finally
getting users and passwords. The high point was when he logged into a
HP printer with anonymous FTP access and force the printer to print
his nmap scan report!

Amit has promised to send his notes about the session as well.

Some of the tools that were discussed as part of the session are
1. nmap version 5
2. Nessus 4
3. userdump
4. Acutenix Web scanner
5. nstalker
6. Jexplorer
7. nmap scripting language
8. net command in windows

Some of the common attack vectors discussed are
1. Echo port vulnerability
2. LDAP anonymous access
3. FTP anonymous access
4. MSSQL default accounts
5. Null sessions on domain controllers
6. Flash vulnerabilities

I for one was amazed at his methodical approach to the whole exercise
and gained a lot from it. Everyone was animated by the end of the
session and the discussions that followed were very lively.

NEXT MEETING ON 5th SEPTEMBER 2009 – 10 AM

Our next meeting is a combined meet with the OWASP Bangalore members.
The following talks are scheduled

1. Cloud Security by null member Shashidhara CN
2. Cookie Replay attacks by OWASP member Ravi

It is promising to be another knowledgeable session with Shashidhara’s
talk covering 15 domains to consider before moving to the cloud.

VENUE DETAILS

Venue : Praxeva India Services Pvt. Ltd, Atrium Business Center,
66/1 2nd Floor, Coles Road, Frazer Town, Bangalore-560005

Map Location : http://www.praxeva.com/contact_us.html

* End of mosque road there is a CCD, from there, if you look diagonally
opposite (onto coles road), you will see a pizza hut (approx 100 meters). The
office is on the 3rd floor of the pizza hut building.

Simran’s number in case you have trouble finding the place is: +91 9741 39 1086

MISC DISCUSSIONS

1. Video recording of the sessions was discussed. Some members who are
working for various companies were not comfortable with the idea
considering that they don’t want to be talking about somethings on
tape.
2. Another suggestion was to just record the slides being shown or the
computer screen to log various commands and tools being used. I
request members to explore the mentioned software CamStudio, Wink,
DimDim and also suggest something they might know about.
3. Some people suggested having a Capture The Flag with a Red Team and
Blue Team. We should discuss this more on the list and figure out the
logistics of holding it as part of the meeting.