From SQL injection to Shell | Tues Feb 9 @ 6pm in CSE E312

Hey SITers!

This week, we’ll be doing a hands-on exercise called “From SQL Injection to Shell”. In this exercise, you’ll be using SQL injection with a few other techniques in order to gain remote code execution on the system. We’ll be using the NETLAB machines again so feel free to bring your own computer, but you’re more than welcome to use the machines in the lab.

Read on →

CCDC Interest Meeting | Tues Feb 2 @ 7pm in CSE E312

Hey everyone! UF is making moves to participate in the Southeast Collegiate Cyber Defense Competition (SECCDC) for the first time ever. This is really exciting and is something UF’s security club and others have wanted to see for a while. Here’s what the competition is about:

CCDC is a network defense and business simulation. Essentially you are dropped into an unknown network with machines running unknown services. The story goes that the old IT staff was fired for incompetence. It’s your job to clean up their mess and get the machines and services in working order as quick as possible. The network consists of messy Windows and Linux servers running anything from webservers, FTP daemons, to identity management services (active directory). While you clean up the mess, your boss barks orders and assigns tasks - usually more than be completed. The more tasks that are completed on time and longer your services stay up and functional, the more points you get. Oh and while you are fixing up your servers, there is an active red team probing your defenses, trying to keep you offline.

We are going to have our first meeting tomorrow on Tuesday, February 2nd, 2015 @ 7:15PM in CSE 312. We’re planning for at least an hour long meeting. We will be going over competition rules, how to play (and win), and we’re going to be getting a team roster (12 people, 8 will actually play in the qualifying round) together. Looking forward to seeing you there!

For more information about SECCDC visit:

Shellshock | Tues Feb 2 @ 6pm in CSE E312

Hey SITers!

We’ve got quite a few things going on tomorrow night!

For our main topic, Nick will be demonstrating the Shellshock exploit and talking about how we can use Shellshock to break into unpatched systems. After the short presentation, we’ll be giving you all some virtual machines to break into to practice what was taught! If you haven’t signed an ethics agreement, please make sure to sign one before the meeting tomorrow night.

Read on →

Intro to SIT and InfoSec | Tues Jan 19 @ 6pm in CSE E312

Hi SITers!

Tomorrow (Tuesday January 19, 2016) is going to be our first meeting on the spring semester! Our president Greg will be giving you all the rundown on what SIT is and also an introduction to InfoSec as a whole. If you’ve been looking to get into InfoSec and also meet fellow students who are also into InfoSec, come on out (and bring a friend)!

Read on →