What Did We Do This Week At SIT? – April 17, 2013

Announcements: We’re on Twitter: @ufsit

Tyler Pitchford!! Find out more information at ufhack.org/events. (It’s also on the UF Engineering calendar!)

SwampSec is going to be taken over by a reception for Tyler Pitchford at Dr. Wilson’s house! Dr. Wilson will send out more information later.

Dr. Wilson needs emails/letters for his technology fund proposal for a RAVE. Information can be found on the listserv.

The UF CTF!

  • Saturday 11am-7pm

  • Gainesville Hackerspace

Let’s talk about B-Sides: If you didn’t go, you missed out! There were awesome badges and I guess some fancy dancing.

UCF Team has invited us to join their team for DEFCON! The team name is going to be the “Sunshine State Hackers” aka SSHv3.

Officer elections!

  • President: Vincent

  • Vice-President: Gabriel

  • Treasurer: Mohan

  • Secretary: Andrew

The files from John Sawyer’s presentation can be found on the UFSIT GitHub account (includes presentation!)


Meeting - April 17, 2013 - Incident Response, Forensics, and John Sawyer!

Good morning SITers!

John Sawyer, a SIT founder & pen tester for InGuardians, will be

speaking on Wed night. We will also be holding officer elections as

well as talking about some upcoming events that SIT will be hosting.

John will be covering the following topics to get everyone prepped for

the upcoming SIT CTF on Saturday, April 20:

Incident Response and Forensics

We will do a quick introduction into the world of incident response

and forensics with a brief overview of what the different stages are,

important tools and techniques, and some hands-on examples. Pay

careful attention because some of these exercises may come in handy

during the SIT CTF.

The example exercises will be available in our GitHub repo so you can

grab them later if you miss the meeting.

Cyber Quest April 2013

Packet Capture-based Web Vulnerability Analysis

http://uscc.cyberquests.org/

We probably won’t cover much about how to do this competition since

Mauricio has already talked about the topic, but I want to discuss it

briefly. It would be awesome to get as many UF participants as we can.

Registration has already opened and the quiz opens on Tues so let’s

get started!!

Fri. Mar. 29, 2013 10:00am EDT  Registration opens

Tue. Apr. 16, 2013 7:00am EDT   Quiz opens

Mon. Apr. 29, 2013 9:00pm EDT   Registration closes

Tue. Apr. 30, 2013 11:59pm EDT  Quiz closes ”

[Things to Bring]

Laptop with Backtrack/Kali Linux

[Miss a Meeting?]

You can find the old meeting minutes here:

http://ufhack.org/category/meeting-re-caps/. Meeting minutes will

be available before twenty four hours after each meeting.

[Ethics Agreement]

If you haven’t yet signed an the ethics agreement

posted at http://ufhack.org/ethics/, please bring a copy of the

agreement, printed out and signed, to tonight’s meeting.

[Time and Location]

Wednesday

8:00pm – 10:00pm

1151 McCarty Hall A

http://campusmap.ufl.edu/?loc=0495


What Did We Do This Week At SIT? – April 10, 2013

UFSIT Meeting | April 10, 2013 | Decompilers!

– Announcements! –

Dr. Joe Wilson is teaching an Ethical Hacking course this Fall! - Email him for more information: jnw@cise.ufl.edu B-Sides Orlando is this weekend! CTF Approaching! - April 19th - April 21st (48 hours): Plain CTF hosted by the PPP - Hackerspace on Friday/Saturday/Possibly Sunday? Tyler Pitchford is coming to speak at UF on April 24th! - Attorney and creator of Azureus/Vuze - Giving TWO talks on Massive Open Online Courses (MOOCs | on April 24th) and Reverse Engineering (April 25th for SIT specifically) Next Fall, we will be using KALI LINUX! Kali is pretty much the newest version of Backtrack and can be downloaded at www.kali-linux.org Officer elections will be held next week!

– DECOMPILERS –

Decompiler takes byte code and turns it into a readable source We can reverse any interpreted language which includes: - Python and Java Why?! - … to hack Minecraft of course. - Which, on a side note, it’s pretty easy to decompile Java code How?! - JAD (for Java) and UNPY (for Python)

– JAD –

1) Open up Backtrack 2) Backtrack -> Reverse Engineering -> JAD - Note: It will open up in Terminal 3) Use ./jad [path/of/class/file.class] - This will output a .jad file which you can use “cat” to display the text or open it in vim

Challenges! - There are challenges on GitHub! - If you already have the “sitgit” already setup, just navigate to [sitgit-folder]/meeting-files and use “git pull” to pull the new challenges! - I personally recommend copying them to your desktop for easy access when using JAD! - Remember that not all challenges are solvable……….

– UNPY (aka uncompyle) –

  • The zip file for UNPY is in the meeting-files folder in [sitgit-folder]! Installation: 1) Navigate to the unzipped uncompyle-master directory 2) Run “python2.7 setup.py build” 3) Run “python2.7 setup.py install” 1) Navigate to the uncompyle-master directory (or wherever you saved the uncompyle files) 2) Run “python2.7 uncomplyer.py [path/of/class/file.pyc]” 3) The output will be what’s in the [file.pyc]!

As always, if you have a question about anything, send an email to our listserv or come chat in the IRC!


Meeting - April 10, 2013 - Decompilers

Good afternoon SITers!

Wednesday night Vincent will be giving a presentation about decompilers, specifically JAD and UnPy and we’ll have some demo time to mess around with these tools.

[Things to Bring]

Laptop with BackTrack/Kali Linux

A little Git knowledge (review here: http://ufhack.org/2013/04/03/what-did-we-do-this-week-at-sit-april-3-2013/)

[Ethics Agreement] If you haven’t yet signed an the ethics agreement posted at http://ufhack.org/ethics/, please bring a copy of the agreement, printed out and signed, to tonight’s meeting.[Time and Location] Wednesday 8:00pm – 10:00pm 1151 McCarty Hall A http://campusmap.ufl.edu/?loc=0495